From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id wBX6AuePBmSG9wAASxT56A (envelope-from ) for ; Tue, 07 Mar 2023 02:14:15 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id qGNBA+ePBmSOqwAAauVa8A (envelope-from ) for ; Tue, 07 Mar 2023 02:14:15 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id C62923FC0E for ; Tue, 7 Mar 2023 02:14:14 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pZLtz-0004Rt-0j; Mon, 06 Mar 2023 20:14:03 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pZLty-0004Rl-3c for bug-guix@gnu.org; Mon, 06 Mar 2023 20:14:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pZLtx-0005XM-PN for bug-guix@gnu.org; Mon, 06 Mar 2023 20:14:01 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1pZLtx-0006fs-LK for bug-guix@gnu.org; Mon, 06 Mar 2023 20:14:01 -0500 X-Loop: help-debbugs@gnu.org Subject: bug#61570: Backward incompatible changes in mpd-service-type Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 07 Mar 2023 01:14:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 61570 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Liliana Marie Prikler Cc: Bruno Victal , 61570@debbugs.gnu.org Received: via spool by 61570-submit@debbugs.gnu.org id=B61570.167815162325625 (code B ref 61570); Tue, 07 Mar 2023 01:14:01 +0000 Received: (at 61570) by debbugs.gnu.org; 7 Mar 2023 01:13:43 +0000 Received: from localhost ([127.0.0.1]:44041 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pZLtf-0006fE-53 for submit@debbugs.gnu.org; Mon, 06 Mar 2023 20:13:43 -0500 Received: from mail-qv1-f42.google.com ([209.85.219.42]:36848) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pZLtd-0006f1-KI for 61570@debbugs.gnu.org; Mon, 06 Mar 2023 20:13:42 -0500 Received: by mail-qv1-f42.google.com with SMTP id m4so8005092qvq.3 for <61570@debbugs.gnu.org>; Mon, 06 Mar 2023 17:13:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1678151616; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=ssHUTgrq+deZfcBh4nXQ9hVnctXlHloWrPVZC9ROYSQ=; b=X64l/jf7OzGnjWwKQAGJzjOuF95j2i4NMAwleFfdosvdZdn77vLVpCCwwhvUf2hofZ 3DvHX2FRHa1uf7xv9tyzbroX3V+7PhCy2WE8I8pgCaczRjm63WkiVA8jNG0tvhiDttB+ 5ilF4qqMwL5DJtbB3p46mVGFK1VbBy11xoQv3aiyO8J0nAUh9k7tHX4riZmMfOkicnV3 NVTb9tTpS+NPmGtqXH4vEx2cv/hEwR3NKy6cg0lSe7rXoPcBItLzJbktOpPOBryvvVFb O1YyfyRnT7o9KkisFDdndR26yX8UVOj3X6SH+Y/G+WI7JyvoxGgFHHNjkXCRyEcjHUve ZOjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678151616; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=ssHUTgrq+deZfcBh4nXQ9hVnctXlHloWrPVZC9ROYSQ=; b=ZHoHLt3r6tdNVzZhicRjAWABQpbsOufQgXfZgfs6IJIofhHfby7tyU7E041rhEzGv2 hgcz0GVX7IH+bXfofa+X9DzE2rSloErWjq+zF2mVUcBVPnoa/FFu2K6VZZJKQAwPN+A0 OvebidjFv6KEftcD3yfFAkjSYX7sAlU/p4ZyLzkZzxqcHx21RLu6zOlBNXDRcWKgn86Q LINAAE2uRYtu93D2nXkM/P/s3TEQb/wc4pTfrNjrEB9orZB9YzOkCCRqTAjbWWfdzBBw HSnxCe2Y/yAyUSz37p2FlkaM8wLd5IudKGOG7ctYPaSoKe69L+hrl7fFD2LnYfsIUppc JCrQ== X-Gm-Message-State: AO0yUKXLkJmGiv0YDl9qtOREcvyjVnIVcea3RSJJ2mzzkj6yX73rDZSi 6uKfMC7BukFxYHOd3aU5RCgU85OdwSSF1w== X-Google-Smtp-Source: AK7set92MW/6oQmqSIpJfxRj+OFMTy85gF7YEHxQvPm+5xsUfQgEWDcCuT6tgFSOimkf8xUtJhJmlg== X-Received: by 2002:a05:6214:da4:b0:535:5492:b427 with SMTP id h4-20020a0562140da400b005355492b427mr23750394qvh.28.1678151615920; Mon, 06 Mar 2023 17:13:35 -0800 (PST) Received: from hurd ([2607:fad8:4:3::1000]) by smtp.gmail.com with ESMTPSA id b24-20020a05620a0f9800b007419f1561fesm8341985qkn.112.2023.03.06.17.13.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Mar 2023 17:13:35 -0800 (PST) From: Maxim Cournoyer References: <87y1owsbab.fsf@gmail.com> <8c7394ba-b8fa-eac5-7d3e-3d8160b71894@makinata.eu> <959a4528abf2fec979e3816ff8d175f65d13d1ab.camel@gmail.com> Date: Mon, 06 Mar 2023 20:13:34 -0500 In-Reply-To: <959a4528abf2fec979e3816ff8d175f65d13d1ab.camel@gmail.com> (Liliana Marie Prikler's message of "Fri, 17 Feb 2023 19:06:50 +0100") Message-ID: <87bkl5z7lt.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: bug-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1678151654; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=ssHUTgrq+deZfcBh4nXQ9hVnctXlHloWrPVZC9ROYSQ=; b=YQkzPZ+MKlXzMruCIzlM+hsXpUfkx4//tBdT4/twGAz25H8wcXPXwhdu0qW1dXNB21ntIn Rob64pspiX2RTk3Qhf0nk81xLHtsKCj2X/oll0Eu6Nq3BtK0H3S8jnoomt7DTeMCvXdMAa wKQhPQlPMOLZvCavhWq/ISRISMk6h7WcJAs/OLD5CZK9U6mLTuD3TkulJCNbCWbiN2CImB l6QiC2qzPJFzHCg9KpXf4d9e1j6imoG0pooVlt5V2CXNb03Mz300lfjmpwfRT8auMjqI9n OBU/vTOKzNEDjueqICc7Akgww3YrHAE+Htulq5zbAykTvbV0CEikxMe1mTtvzw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b="X64l/jf7"; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none) ARC-Seal: i=1; s=key1; d=yhetil.org; t=1678151654; a=rsa-sha256; cv=none; b=nojkio0vnrS47C+V4fJ6JZNVMNNGmuY9/11fmdB37p5FoCzVqhf2y4j3/wYTSWXjyrpAxU VTk0ggHQg5H906xo6RGvg8doVxogcvEaADG2HnFlKufTAuQsemBtyFmQsIzmG+62s9k2qp b6GSE+AaIppj9zRtOS6YdtCymPQ2Bh35poHe8p+FDcacLT72Wyma60R2Kq2lVzUPBrgZB2 w2irwkJkKG5QlQujRUXvNlsF+2lEq+Ohh+kwjyuGTZpheH1hI1QinbFdQm/9BB6B2sZGCq uYbAHiNKLpNjWcrShY2XZs1njf9NDPpNAErDuRKrvW9JzwSoCFsU/6Q3Q5Vt7A== Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b="X64l/jf7"; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none) X-Migadu-Spam-Score: 7.29 X-Spam-Score: 7.29 X-Migadu-Queue-Id: C62923FC0E X-Migadu-Scanner: scn1.migadu.com X-TUID: n7FYr71oNFFu Hi Liliana, Liliana Marie Prikler writes: [...] >> This is an unfortunate situation arising from a bug before the >> service was refactored. >> Before d7fd9ec209f72e9cfff04a48bf16e092f258d8ff (actually >> 5c5f0fc1135ff15f9c4adfc5f27eadd9a592b5d1) >> mpd-service-type contained a service-extension for %mpd-accounts >> where the values for both group and user were hardcoded to "mpd" >> but this was actually never used since shepherd would launch the >> service using root and mpd would downgrade its permissions and switch >> to the user specified in the mpd-configuration record since this >> field is serialized to the configuration file. > It would be quite weird if someone had already pointed out how to > properly handle the accounts and groups only for that to be ignored > later in the review. > > Am Samstag, dem 24.12.2022 um 18:20 +0100 schrieb eine leichtsinnige > Person, die ihre eigenen Anmerkungen vergisst: >> I think you should make it so that you can pass a user-account and >> user-group to the mpd service so that they can be reused (with a >> sanitizer that creates a user/group from string). > Never mind then. I think Bruno has been reworking that, I think they must be about ready. > Am Freitag, dem 17.02.2023 um 07:53 -0500 schrieb Maxim Cournoyer: >> Else an error rather than a warning when multiple same-name users are >> defined would be more appropriate, I think. > Guess what, it used to be a formatted message (i.e. an actual error). > However, that broke some configs as reported in [1], so I demoted it to > a warning. Interesting. I didn't know we were usefully (?) abusing duplicate users and group. Perhaps we should try to isolate the most common offenders (services?), fix them up, and then re-introduce the check, perhaps gradually (e.g. "in 6 months time, duplicated users or groups will become a configuration error"). -- Thanks, Maxim