From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id 4ACJImlNbV+tfgAA0tVLHw (envelope-from ) for ; Fri, 25 Sep 2020 01:52:41 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id kPhsHmlNbV9aTgAAbx9fmQ (envelope-from ) for ; Fri, 25 Sep 2020 01:52:41 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 1E0B1940393 for ; Fri, 25 Sep 2020 01:52:41 +0000 (UTC) Received: from localhost ([::1]:47310 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kLcue-0004Bc-4O for larch@yhetil.org; Thu, 24 Sep 2020 21:52:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37058) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kLcu2-0003yo-4R for bug-guix@gnu.org; Thu, 24 Sep 2020 21:52:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:58840) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kLcu1-0001bO-Pc for bug-guix@gnu.org; Thu, 24 Sep 2020 21:52:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kLcu1-00040v-NK for bug-guix@gnu.org; Thu, 24 Sep 2020 21:52:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#39670: Cannot mount NFS share as user or root Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Fri, 25 Sep 2020 01:52:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 39670 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Nathan Dehnel Received: via spool by 39670-submit@debbugs.gnu.org id=B39670.160099872115427 (code B ref 39670); Fri, 25 Sep 2020 01:52:01 +0000 Received: (at 39670) by debbugs.gnu.org; 25 Sep 2020 01:52:01 +0000 Received: from localhost ([127.0.0.1]:42153 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kLcu0-00040h-Tx for submit@debbugs.gnu.org; Thu, 24 Sep 2020 21:52:01 -0400 Received: from mail-qt1-f169.google.com ([209.85.160.169]:41981) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kLcty-00040U-90 for 39670@debbugs.gnu.org; Thu, 24 Sep 2020 21:51:59 -0400 Received: by mail-qt1-f169.google.com with SMTP id b2so732623qtp.8 for <39670@debbugs.gnu.org>; Thu, 24 Sep 2020 18:51:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=MRg4IlCJw8ZmlLoAU4VXFotbs0s9OSA678gtVQzmHx4=; b=DlbQ7EjXw1hZ+K1quPJemWjSlqhJNDRgjB9I4sKkgqUJrI2Za4hdJL7CjGIeHUQvW0 96CTLJVJkV8LNDp/hlnmKl7bf/iolk10DZugmbdufZFVH9KhsqITzEvNXopHNJqlB/u6 Icy04Agyg/10Hr98ZEymJ0HOTgXl32mRIJizqkAeDvOuWZD0qSMRDCccbi1Bf5X8SSrp Yr+NuwoUdpSmQkIQlSVX5YAi9bJxoptUmsxeNgdtybT+MGZ0r5vBFENmD6JQI9SjwX67 ydSHqp2QHLpIGv6yj9fjcYSEuTqyhwk6po8xgzau8k/Bt8w2hjKBn3K+BoNJkb68phVm pmKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=MRg4IlCJw8ZmlLoAU4VXFotbs0s9OSA678gtVQzmHx4=; b=IxBaNHsHZsGEAQcL2pFY4QMLwNEktb10GPiXtT0YsxAc7dgwfIJYjSac4Evovr/MP5 apzAtoklgi4lbfG+wV7VbiwflYrgMZKVXcbLqPG2zwaUTXmU8B4TRsqbdjxmll9PkUgH IMheMpdiF3fff/be5+4dJ8gzzmU8hnsamJ+BB1sQUz2tYTRD8kcCctau6RtasS5C9L46 18Ihxp0BBmZvqNI0a4iQmxpn+8q115YxAdK/FfEVzPSk6aX6eq70fmdajW7iVcXz0skl E8Gul0xWT6G9lkMlYgLtHjH4LE7BoVJ3xO459cKZCe1rN7jg8UkMpWPI3IUOsVIp9dOl JHyg== X-Gm-Message-State: AOAM532yHLyhuGpUcKlKqjWgLxq3yus1+JV1YdoicYdYnuaukKPjWfOD b6DdQzOSxp+QCeJlG/HkBR3iheO4hRT2rw== X-Google-Smtp-Source: ABdhPJzwIALgqPbz8GlSa8jO3S3oEldeBOksOMnoteemB3TkrzNcRV+AohPU4b83X0ldpvVxMU6Rdg== X-Received: by 2002:ac8:19e9:: with SMTP id s38mr2299016qtk.248.1600998712486; Thu, 24 Sep 2020 18:51:52 -0700 (PDT) Received: from hurd (dsl-10-130-151.b2b2c.ca. [72.10.130.151]) by smtp.gmail.com with ESMTPSA id y7sm1004080qtn.11.2020.09.24.18.51.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Sep 2020 18:51:51 -0700 (PDT) From: Maxim Cournoyer References: <87o8tvwpfk.fsf@gmail.com> <87v9o18bum.fsf@raisin.i-did-not-set--mail-host-address--so-tickle-me> <875zcg7nyu.fsf@gmail.com> <87y2kzvmc2.fsf@gmail.com> Date: Thu, 24 Sep 2020 21:53:10 -0400 In-Reply-To: (Nathan Dehnel's message of "Thu, 24 Sep 2020 02:19:29 -0500") Message-ID: <878scyvczd.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -1.0 (-) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 39670@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=gmail.com header.s=20161025 header.b=DlbQ7EjX; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: 0.09 X-TUID: yJLLCzXNjpmI Hi, Nathan Dehnel writes: > Right, but it's more inconvenient than just clicking the share in thunar > and it mounting. Actually, I can't mount it without doing "sudo" first, > despite having the "user" fstab flag set. This actually might be a separate > issue, but I'm not sure. That's a good point. We should try to make this simpler. The mount.nfs binary needs to be setuid root to allow unprivileged users to mount NFS file systems. Unfortunately, the mount command (which we already define as setuid-root) only looked for helpers under /run/current/profile/sbin. This is now fixed in commit def6e2ae4619587114383b3f8fd9f3cf8310b4b9 (which had to be made on core-updates). > Why doesn't the regular "mount" command work, again? Some sort of > dependency loop because of the functional package manager? And this is > deemed "not guix-specific"? For some file systems, 'mount' requires helper to be found in its PATH (see: "man mount"). That is true on any systems (not Guix-specific). These helpers are not installed out-of-the-box on Guix System, so you need to add them yourself to the 'packages' operating system field. If you also want to be able to use mount as an unprivileged user, the mount command as well as its helpers must all be setuid-root. Again, this is something (for the helpers) that must currently done manually by adding, for example: --8<---------------cut here---------------start------------->8--- (setuid-programs (cons* (file-append nfs-utils "/sbin/mount.nfs") (file-append ntfs-3g "/sbin/mount.ntfs-3g") %setuid-programs)) --8<---------------cut here---------------end--------------->8--- I've sent a patch for review which proposes to add these setuid-root binaries for desktop users out-of-the-box on Guix System, which only adds about 4 MiB to the almost 3 GiB closure of the lightweight-desktop.tmpl system [0]. As mentioned before, it depends on a change to util-linux that had to be made on the core-updates branch, so it won't be usable until the next core-updates merge. Maxim [0] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=43604