* bug#30728: guix-install.sh doesn't work if run with "sudo" [not found] <87zi3lh6mb.fsf@lassieur.org> @ 2018-03-23 13:20 ` Clément Lassieur 2018-03-25 5:16 ` Chris Marusich 0 siblings, 1 reply; 14+ messages in thread From: Clément Lassieur @ 2018-03-23 13:20 UTC (permalink / raw) To: 30728 Clément Lassieur <clement@lassieur.org> writes: > Hi, > > My system is Ubuntu 16.04. > > I ran './guix-install.sh' and got the message: "This script must be run > as root.". So I ran 'sudo ./guix-install.sh' and got an error message > saying that: > > GUIX_PROFILE="${HOME}/.guix-profile" > source "${GUIX_PROFILE}/etc/profile" > > the 'source' command doesn't work because ${GUIX_PROFILE} was never > created, ${HOME} being /home/clement, not /root. > > To recover from this I had to manually delete /var/guix and /gnu, log as > root with 'su', and start again. > > Clément I believe the script should install Guix in the user's home directory, not in ~root. ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-23 13:20 ` bug#30728: guix-install.sh doesn't work if run with "sudo" Clément Lassieur @ 2018-03-25 5:16 ` Chris Marusich 2018-03-26 8:05 ` Clément Lassieur 0 siblings, 1 reply; 14+ messages in thread From: Chris Marusich @ 2018-03-25 5:16 UTC (permalink / raw) To: Clément Lassieur; +Cc: 30728 [-- Attachment #1.1: Type: text/plain, Size: 2146 bytes --] Clément Lassieur <clement@lassieur.org> writes: > Clément Lassieur <clement@lassieur.org> writes: > >> Hi, >> >> My system is Ubuntu 16.04. >> >> I ran './guix-install.sh' and got the message: "This script must be run >> as root.". So I ran 'sudo ./guix-install.sh' and got an error message >> saying that: >> >> GUIX_PROFILE="${HOME}/.guix-profile" >> source "${GUIX_PROFILE}/etc/profile" >> >> the 'source' command doesn't work because ${GUIX_PROFILE} was never >> created, ${HOME} being /home/clement, not /root. >> >> To recover from this I had to manually delete /var/guix and /gnu, log as >> root with 'su', and start again. >> >> Clément > > I believe the script should install Guix in the user's home directory, > not in ~root. The manual says (see: (guix) Binary Installation): 3. Make ‘root’’s profile available under ‘~/.guix-profile’: # ln -sf /var/guix/profiles/per-user/root/guix-profile \ ~root/.guix-profile Source ‘etc/profile’ to augment ‘PATH’ and other relevant environment variables: # GUIX_PROFILE=$HOME/.guix-profile ; \ source $GUIX_PROFILE/etc/profile I believe the expectation here is that $HOME will expand to root's home directory. Look at the previous ln invocation: we set up a symlink for the .guix-profile in root's home directory, so it's pretty clear that $HOME/.guix-profile is supposed to point to that profile. I think there is a tacit assumption in the manual and the guix-install.sh script that the HOME environment variable will refer to root's home directory, which is not always true. For example, on current Ubuntu, if you run sudo with no arguments, you will find that the HOME environment variable still points to your unprivileged user's home directory, not to root's home directory. This is because sudo can be configured in many ways, and on Ubuntu, they have chosen to configure it in that way. On other systems, it might behave differently. I've attached a patch which should fix this. Can you confirm whether it works? -- Chris [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #1.2: 0001-guix-install.sh-Explicitly-set-root-s-home-directory.patch --] [-- Type: text/x-patch, Size: 4310 bytes --] From 3a774d199a59308c3a8e423b6093cd174c9384e4 Mon Sep 17 00:00:00 2001 From: Chris Marusich <cmmarusich@gmail.com> Date: Sun, 25 Mar 2018 06:47:42 +0200 Subject: [PATCH] guix-install.sh: Explicitly set root's home directory. * etc/guix-install.sh (ROOT_HOME): New variable. (sys_create_store, sys_enable_guix_daemon, sys_authorize_build_farms): Use ROOT_HOME instead of ~root or the HOME environment variable. * doc/guix.texi (Binary Installation): Instead of assuming that $HOME refers to root's directory simply because commands are being run as root, explicilty refer to it via ~root. Fixes: <https://bugs.gnu.org/30728> --- doc/guix.texi | 2 +- etc/guix-install.sh | 19 ++++++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 49b3dd10d..285f0c300 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -482,7 +482,7 @@ Source @file{etc/profile} to augment @code{PATH} and other relevant environment variables: @example -# GUIX_PROFILE=$HOME/.guix-profile ; \ +# GUIX_PROFILE="`echo ~root`/.guix-profile" ; \ source $GUIX_PROFILE/etc/profile @end example diff --git a/etc/guix-install.sh b/etc/guix-install.sh index 933492a33..78cd7580b 100755 --- a/etc/guix-install.sh +++ b/etc/guix-install.sh @@ -50,6 +50,11 @@ DEBUG=0 GNU_URL="https://alpha.gnu.org/gnu/guix/" OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5" +# This script needs to know where root's home directory is. However, we +# cannot simply use the HOME environment variable, since there is no guarantee +# that it points to root's home directory. +ROOT_HOME="$(echo ~root)" + # ------------------------------------------------------------------------------ #+UTILITIES @@ -264,9 +269,9 @@ sys_create_store() _msg "${INF}Linking the root user's profile" ln -sf /var/guix/profiles/per-user/root/guix-profile \ - ~root/.guix-profile + "${ROOT_HOME}/.guix-profile" - GUIX_PROFILE="${HOME}/.guix-profile" + GUIX_PROFILE="${ROOT_HOME}/.guix-profile" source "${GUIX_PROFILE}/etc/profile" _msg "${PAS}activated root profile at /root/.guix-profile" } @@ -316,13 +321,13 @@ sys_enable_guix_daemon() case "$INIT_SYS" in upstart) { initctl reload-configuration; - cp ~root/.guix-profile/lib/upstart/system/guix-daemon.conf \ + cp "${ROOT_HOME}/.guix-profile/lib/upstart/system/guix-daemon.conf" \ /etc/init/ && start guix-daemon; } && _msg "${PAS}enabled Guix daemon via upstart" ;; systemd) - { cp ~root/.guix-profile/lib/systemd/system/guix-daemon.service \ + { cp "${ROOT_HOME}/.guix-profile/lib/systemd/system/guix-daemon.service" \ /etc/systemd/system/; chmod 664 /etc/systemd/system/guix-daemon.service; systemctl daemon-reload && @@ -332,7 +337,7 @@ sys_enable_guix_daemon() ;; NA|*) _msg "${ERR}unsupported init system; run the daemon manually:" - echo " ~root/.guix-profile/bin/guix-daemon --build-users-group=guixbuild" + echo " ${ROOT_HOME}/.guix-profile/bin/guix-daemon --build-users-group=guixbuild" ;; esac @@ -352,9 +357,9 @@ sys_authorize_build_farms() while true; do read -p "Permit downloading pre-built package binaries from the project's build farms? (yes/no) " yn case $yn in - [Yy]*) guix archive --authorize < ~root/.guix-profile/share/guix/hydra.gnu.org.pub && + [Yy]*) guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/hydra.gnu.org.pub" && _msg "${PAS}Authorized public key for hydra.gnu.org"; - guix archive --authorize < ~root/.guix-profile/share/guix/berlin.guixsd.org.pub && + guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/berlin.guixsd.org.pub" && _msg "${PAS}Authorized public key for berlin.guixsd.org"; break;; [Nn]*) _msg "${INF}Skipped authorizing build farm public keys" -- 2.15.1 [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply related [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-25 5:16 ` Chris Marusich @ 2018-03-26 8:05 ` Clément Lassieur 2018-03-26 9:18 ` Marius Bakke 2018-03-27 7:46 ` Ricardo Wurmus 0 siblings, 2 replies; 14+ messages in thread From: Clément Lassieur @ 2018-03-26 8:05 UTC (permalink / raw) To: Chris Marusich; +Cc: 30728 Hi Chris, Chris Marusich <cmmarusich@gmail.com> writes: > Clément Lassieur <clement@lassieur.org> writes: > >> Clément Lassieur <clement@lassieur.org> writes: >> >>> Hi, >>> >>> My system is Ubuntu 16.04. >>> >>> I ran './guix-install.sh' and got the message: "This script must be run >>> as root.". So I ran 'sudo ./guix-install.sh' and got an error message >>> saying that: >>> >>> GUIX_PROFILE="${HOME}/.guix-profile" >>> source "${GUIX_PROFILE}/etc/profile" >>> >>> the 'source' command doesn't work because ${GUIX_PROFILE} was never >>> created, ${HOME} being /home/clement, not /root. >>> >>> To recover from this I had to manually delete /var/guix and /gnu, log as >>> root with 'su', and start again. >>> >>> Clément >> >> I believe the script should install Guix in the user's home directory, >> not in ~root. > > The manual says (see: (guix) Binary Installation): > > 3. Make ‘root’’s profile available under ‘~/.guix-profile’: > > # ln -sf /var/guix/profiles/per-user/root/guix-profile \ > ~root/.guix-profile I think the manual is wrong here. This only makes sense if the user is 'root'. Otherwise, the user would expect Guix to be installed in their home, not in root's home. We could use the HOME and USER environment variables like this: # ln -sf /var/guix/profiles/per-user/$USER/guix-profile $HOME/.guix-profile Thus, even if 'sudo' decides to change these environment variables, it will still be consistent. > Source ‘etc/profile’ to augment ‘PATH’ and other relevant > environment variables: > > # GUIX_PROFILE=$HOME/.guix-profile ; \ > source $GUIX_PROFILE/etc/profile > > I believe the expectation here is that $HOME will expand to root's home > directory. Look at the previous ln invocation: we set up a symlink for > the .guix-profile in root's home directory, so it's pretty clear that > $HOME/.guix-profile is supposed to point to that profile. > > I think there is a tacit assumption in the manual and the > guix-install.sh script that the HOME environment variable will refer to > root's home directory, which is not always true. For example, on > current Ubuntu, if you run sudo with no arguments, you will find that > the HOME environment variable still points to your unprivileged user's > home directory, not to root's home directory. This is because sudo can > be configured in many ways, and on Ubuntu, they have chosen to configure > it in that way. On other systems, it might behave differently. ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-26 8:05 ` Clément Lassieur @ 2018-03-26 9:18 ` Marius Bakke 2018-03-27 7:46 ` Ricardo Wurmus 1 sibling, 0 replies; 14+ messages in thread From: Marius Bakke @ 2018-03-26 9:18 UTC (permalink / raw) To: Clément Lassieur, Chris Marusich; +Cc: 30728 [-- Attachment #1: Type: text/plain, Size: 1985 bytes --] Clément Lassieur <clement@lassieur.org> writes: > Hi Chris, > > Chris Marusich <cmmarusich@gmail.com> writes: > >> Clément Lassieur <clement@lassieur.org> writes: >> >>> Clément Lassieur <clement@lassieur.org> writes: >>> >>>> Hi, >>>> >>>> My system is Ubuntu 16.04. >>>> >>>> I ran './guix-install.sh' and got the message: "This script must be run >>>> as root.". So I ran 'sudo ./guix-install.sh' and got an error message >>>> saying that: >>>> >>>> GUIX_PROFILE="${HOME}/.guix-profile" >>>> source "${GUIX_PROFILE}/etc/profile" >>>> >>>> the 'source' command doesn't work because ${GUIX_PROFILE} was never >>>> created, ${HOME} being /home/clement, not /root. >>>> >>>> To recover from this I had to manually delete /var/guix and /gnu, log as >>>> root with 'su', and start again. >>>> >>>> Clément >>> >>> I believe the script should install Guix in the user's home directory, >>> not in ~root. >> >> The manual says (see: (guix) Binary Installation): >> >> 3. Make ‘root’’s profile available under ‘~/.guix-profile’: >> >> # ln -sf /var/guix/profiles/per-user/root/guix-profile \ >> ~root/.guix-profile > > I think the manual is wrong here. This only makes sense if the user is > 'root'. Otherwise, the user would expect Guix to be installed in their > home, not in root's home. We could use the HOME and USER environment > variables like this: > > # ln -sf /var/guix/profiles/per-user/$USER/guix-profile $HOME/.guix-profile > > Thus, even if 'sudo' decides to change these environment variables, it > will still be consistent. The binary installation tarball only comes with a profile for 'root'. The problem is that the installation script assumes $HOME will expand to ~root when sourcing the profile, but as you found that isn't always the case. ~root/.guix-profile is "hard-coded" many other places in the script, so Tatianas solution seems sensible to me. [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 487 bytes --] ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-26 8:05 ` Clément Lassieur 2018-03-26 9:18 ` Marius Bakke @ 2018-03-27 7:46 ` Ricardo Wurmus 2018-03-27 9:11 ` Clément Lassieur 1 sibling, 1 reply; 14+ messages in thread From: Ricardo Wurmus @ 2018-03-27 7:46 UTC (permalink / raw) To: Clément Lassieur; +Cc: 30728 Clément Lassieur <clement@lassieur.org> writes: >> The manual says (see: (guix) Binary Installation): >> >> 3. Make ‘root’’s profile available under ‘~/.guix-profile’: >> >> # ln -sf /var/guix/profiles/per-user/root/guix-profile \ >> ~root/.guix-profile > > I think the manual is wrong here. This only makes sense if the user is > 'root'. Otherwise, the user would expect Guix to be installed in their > home, not in root's home. Step 2 says “As root, run: […]”. “~root” resolves to “/root”, not to “$HOME/root”, so it even works when run as a regular user. The manual seems correct to me and this is what the script aims to implement. -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-27 7:46 ` Ricardo Wurmus @ 2018-03-27 9:11 ` Clément Lassieur 2018-03-27 16:08 ` Chris Marusich 0 siblings, 1 reply; 14+ messages in thread From: Clément Lassieur @ 2018-03-27 9:11 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: 30728 Ricardo Wurmus <rekado@elephly.net> writes: > Clément Lassieur <clement@lassieur.org> writes: > >>> The manual says (see: (guix) Binary Installation): >>> >>> 3. Make ‘root’’s profile available under ‘~/.guix-profile’: >>> >>> # ln -sf /var/guix/profiles/per-user/root/guix-profile \ >>> ~root/.guix-profile >> >> I think the manual is wrong here. This only makes sense if the user is >> 'root'. Otherwise, the user would expect Guix to be installed in their >> home, not in root's home. > > Step 2 says “As root, run: […]”. “~root” resolves to “/root”, not to > “$HOME/root”, so it even works when run as a regular user. > > The manual seems correct to me and this is what the script aims to > implement. But ~/.guix-profile may resolve to /home/user/.guix-profile. So it should be ~root/.guix-profile instead of ~/.guix-profile. ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-27 9:11 ` Clément Lassieur @ 2018-03-27 16:08 ` Chris Marusich 2018-03-28 19:24 ` Ricardo Wurmus 2018-03-29 8:04 ` Clément Lassieur 0 siblings, 2 replies; 14+ messages in thread From: Chris Marusich @ 2018-03-27 16:08 UTC (permalink / raw) To: Clément Lassieur; +Cc: 30728 [-- Attachment #1.1: Type: text/plain, Size: 1704 bytes --] Clément Lassieur <clement@lassieur.org> writes: > Ricardo Wurmus <rekado@elephly.net> writes: > >> Clément Lassieur <clement@lassieur.org> writes: >> >>>> The manual says (see: (guix) Binary Installation): >>>> >>>> 3. Make ‘root’’s profile available under ‘~/.guix-profile’: >>>> >>>> # ln -sf /var/guix/profiles/per-user/root/guix-profile \ >>>> ~root/.guix-profile >>> >>> I think the manual is wrong here. This only makes sense if the user is >>> 'root'. Otherwise, the user would expect Guix to be installed in their >>> home, not in root's home. >> >> Step 2 says “As root, run: […]”. “~root” resolves to “/root”, not to >> “$HOME/root”, so it even works when run as a regular user. >> >> The manual seems correct to me and this is what the script aims to >> implement. > > But ~/.guix-profile may resolve to /home/user/.guix-profile. So it > should be ~root/.guix-profile instead of ~/.guix-profile. Ah, I think I now see the cause of our miscommunication. It's possible to interpret the manual's use of ~ and $HOME to mean "the unprivileged user's home directory", instead of "root's home directory". I think that's a mistake in the manual, since the "ln" clearly makes root's profile available under root's home directory, and the step involving $HOME doesn't make sense unless $HOME expands to root's home directory. I've updated my patch; it now also changes the following line... 3. Make ‘root’’s profile available under ‘~/.guix-profile’: ...to this: 3. Make ‘root’’s profile available under ‘~root/.guix-profile’: How does that sound? -- Chris [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #1.2: 0001-guix-install.sh-Explicitly-set-root-s-home-directory.patch --] [-- Type: text/x-patch, Size: 4648 bytes --] From 8e23b7ee5a3b5c600fcd5e29f08458f33cf37c66 Mon Sep 17 00:00:00 2001 From: Chris Marusich <cmmarusich@gmail.com> Date: Sun, 25 Mar 2018 06:47:42 +0200 Subject: [PATCH] guix-install.sh: Explicitly set root's home directory. * etc/guix-install.sh (ROOT_HOME): New variable. (sys_create_store, sys_enable_guix_daemon, sys_authorize_build_farms): Use ROOT_HOME instead of ~root or the HOME environment variable. * doc/guix.texi (Binary Installation): Instead of assuming that ~ and $HOME refer to root's directory simply because commands are being run as root, explicilty refer to it via ~root. Fixes: <https://bugs.gnu.org/30728> --- doc/guix.texi | 4 ++-- etc/guix-install.sh | 19 ++++++++++++------- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 49b3dd10d..aab3a7273 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -471,7 +471,7 @@ archive content is independent of its creation time, thus making it reproducible. @item -Make @code{root}'s profile available under @file{~/.guix-profile}: +Make @code{root}'s profile available under @file{~root/.guix-profile}: @example # ln -sf /var/guix/profiles/per-user/root/guix-profile \ @@ -482,7 +482,7 @@ Source @file{etc/profile} to augment @code{PATH} and other relevant environment variables: @example -# GUIX_PROFILE=$HOME/.guix-profile ; \ +# GUIX_PROFILE="`echo ~root`/.guix-profile" ; \ source $GUIX_PROFILE/etc/profile @end example diff --git a/etc/guix-install.sh b/etc/guix-install.sh index 933492a33..78cd7580b 100755 --- a/etc/guix-install.sh +++ b/etc/guix-install.sh @@ -50,6 +50,11 @@ DEBUG=0 GNU_URL="https://alpha.gnu.org/gnu/guix/" OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5" +# This script needs to know where root's home directory is. However, we +# cannot simply use the HOME environment variable, since there is no guarantee +# that it points to root's home directory. +ROOT_HOME="$(echo ~root)" + # ------------------------------------------------------------------------------ #+UTILITIES @@ -264,9 +269,9 @@ sys_create_store() _msg "${INF}Linking the root user's profile" ln -sf /var/guix/profiles/per-user/root/guix-profile \ - ~root/.guix-profile + "${ROOT_HOME}/.guix-profile" - GUIX_PROFILE="${HOME}/.guix-profile" + GUIX_PROFILE="${ROOT_HOME}/.guix-profile" source "${GUIX_PROFILE}/etc/profile" _msg "${PAS}activated root profile at /root/.guix-profile" } @@ -316,13 +321,13 @@ sys_enable_guix_daemon() case "$INIT_SYS" in upstart) { initctl reload-configuration; - cp ~root/.guix-profile/lib/upstart/system/guix-daemon.conf \ + cp "${ROOT_HOME}/.guix-profile/lib/upstart/system/guix-daemon.conf" \ /etc/init/ && start guix-daemon; } && _msg "${PAS}enabled Guix daemon via upstart" ;; systemd) - { cp ~root/.guix-profile/lib/systemd/system/guix-daemon.service \ + { cp "${ROOT_HOME}/.guix-profile/lib/systemd/system/guix-daemon.service" \ /etc/systemd/system/; chmod 664 /etc/systemd/system/guix-daemon.service; systemctl daemon-reload && @@ -332,7 +337,7 @@ sys_enable_guix_daemon() ;; NA|*) _msg "${ERR}unsupported init system; run the daemon manually:" - echo " ~root/.guix-profile/bin/guix-daemon --build-users-group=guixbuild" + echo " ${ROOT_HOME}/.guix-profile/bin/guix-daemon --build-users-group=guixbuild" ;; esac @@ -352,9 +357,9 @@ sys_authorize_build_farms() while true; do read -p "Permit downloading pre-built package binaries from the project's build farms? (yes/no) " yn case $yn in - [Yy]*) guix archive --authorize < ~root/.guix-profile/share/guix/hydra.gnu.org.pub && + [Yy]*) guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/hydra.gnu.org.pub" && _msg "${PAS}Authorized public key for hydra.gnu.org"; - guix archive --authorize < ~root/.guix-profile/share/guix/berlin.guixsd.org.pub && + guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/berlin.guixsd.org.pub" && _msg "${PAS}Authorized public key for berlin.guixsd.org"; break;; [Nn]*) _msg "${INF}Skipped authorizing build farm public keys" -- 2.15.1 [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply related [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-27 16:08 ` Chris Marusich @ 2018-03-28 19:24 ` Ricardo Wurmus 2018-03-29 5:07 ` Chris Marusich 2018-03-29 7:48 ` Clément Lassieur 2018-03-29 8:04 ` Clément Lassieur 1 sibling, 2 replies; 14+ messages in thread From: Ricardo Wurmus @ 2018-03-28 19:24 UTC (permalink / raw) To: Chris Marusich; +Cc: 30728, Clément Lassieur Hi Chris, > I've updated my patch; it now also changes the following line... > > 3. Make ‘root’’s profile available under ‘~/.guix-profile’: > > ...to this: > > 3. Make ‘root’’s profile available under ‘~root/.guix-profile’: > > How does that sound? This looks good to me. Thank you! -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-28 19:24 ` Ricardo Wurmus @ 2018-03-29 5:07 ` Chris Marusich 2018-03-29 8:26 ` Clément Lassieur 2018-03-29 7:48 ` Clément Lassieur 1 sibling, 1 reply; 14+ messages in thread From: Chris Marusich @ 2018-03-29 5:07 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: Clément Lassieur, 30728-done [-- Attachment #1: Type: text/plain, Size: 415 bytes --] Hi everyone, Ricardo Wurmus <rekado@elephly.net> writes: > This looks good to me. Thank you! I've committed this as 3cd4447f5639f45b7d833f6fb2adce11ea15ba1d. If anybody has additional concerns about the installation script or the installation instructions, please open a new bug report for it and we can discuss the topic further there. Thank you for reporting this issue, Clément! -- Chris [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-29 5:07 ` Chris Marusich @ 2018-03-29 8:26 ` Clément Lassieur 0 siblings, 0 replies; 14+ messages in thread From: Clément Lassieur @ 2018-03-29 8:26 UTC (permalink / raw) To: Chris Marusich; +Cc: 30728-done Chris Marusich <cmmarusich@gmail.com> writes: > Hi everyone, > > Ricardo Wurmus <rekado@elephly.net> writes: > >> This looks good to me. Thank you! > > I've committed this as 3cd4447f5639f45b7d833f6fb2adce11ea15ba1d. If > anybody has additional concerns about the installation script or the > installation instructions, please open a new bug report for it and we > can discuss the topic further there. > > Thank you for reporting this issue, Clément! You're welcome Chris, thanks for the patch. :-) ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-28 19:24 ` Ricardo Wurmus 2018-03-29 5:07 ` Chris Marusich @ 2018-03-29 7:48 ` Clément Lassieur 2018-03-29 10:07 ` Ricardo Wurmus 1 sibling, 1 reply; 14+ messages in thread From: Clément Lassieur @ 2018-03-29 7:48 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: 30728 Ricardo Wurmus <rekado@elephly.net> writes: > Hi Chris, > >> I've updated my patch; it now also changes the following line... >> >> 3. Make ‘root’’s profile available under ‘~/.guix-profile’: >> >> ...to this: >> >> 3. Make ‘root’’s profile available under ‘~root/.guix-profile’: >> >> How does that sound? > > This looks good to me. Thank you! I am surprised that you didn't comment on https://debbugs.gnu.org/cgi/bugreport.cgi?bug=30728#32 (where I explain to you why I disagree with Guix being installed in ~root) before saying LGTM. ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-29 7:48 ` Clément Lassieur @ 2018-03-29 10:07 ` Ricardo Wurmus 2018-03-30 22:07 ` Clément Lassieur 0 siblings, 1 reply; 14+ messages in thread From: Ricardo Wurmus @ 2018-03-29 10:07 UTC (permalink / raw) To: Clément Lassieur; +Cc: 30728 Hi Clément, > I am surprised that you didn't comment on > https://debbugs.gnu.org/cgi/bugreport.cgi?bug=30728#32 (where I explain > to you why I disagree with Guix being installed in ~root) before saying > LGTM. Don’t be surprised: there are too many emails and I’m bound to forget about some. My apologies for not repyling to your email earlier. I read your mail but I disagree with the conclusions. It is not the job of the installer script to install Guix for a particular user. It is for a site-wide installation, including the set up of the daemon and a service script. These things must happen as root. The idea is that Guix is installed for the whole site and made available to all users. Individual users can then choose to use “guix pull” to control their own version of Guix. I consider it inelegant and dangerous to make the Guix installation of an unprivileged user the variant of Guix that is used by all users on the system. Having it managed by the root user avoids surprises, even on single-user systems, because the implication is that changes to the root user’s Guix installation have system-wide effects. The proposed patch is small and fixes the bug with regard to the intention behind the script, so I’m happy to accept it. -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-29 10:07 ` Ricardo Wurmus @ 2018-03-30 22:07 ` Clément Lassieur 0 siblings, 0 replies; 14+ messages in thread From: Clément Lassieur @ 2018-03-30 22:07 UTC (permalink / raw) To: Ricardo Wurmus; +Cc: 30728 Hi Ricardo, Ricardo Wurmus <rekado@elephly.net> writes: > Hi Clément, > >> I am surprised that you didn't comment on >> https://debbugs.gnu.org/cgi/bugreport.cgi?bug=30728#32 (where I explain >> to you why I disagree with Guix being installed in ~root) before saying >> LGTM. > > Don’t be surprised: there are too many emails and I’m bound to forget > about some. My apologies for not repyling to your email earlier. Thank you for your reply. :-) I definitely understand. > I read your mail but I disagree with the conclusions. It is not the job > of the installer script to install Guix for a particular user. It is > for a site-wide installation, including the set up of the daemon and a > service script. These things must happen as root. The idea is that > Guix is installed for the whole site and made available to all users. The installation must happen with root privileges, but that doesn't mean that Guix should be installed in ~root, because root is a particular user. See http://www.linfo.org/root.html: "/root contains configuration files for the root account, just as each ordinary user's home directory." Thus I don't think things in ~root should be site-wide, and I have never seen such things. Site-wide stuff is usually in /var, /etc, etc. (Which is not what I'm asking for, but in the long term it would be better, in my opinion.) > Individual users can then choose to use “guix pull” to control their own > version of Guix. And they will typically forget to update the daemon (and the site-wide Guix). Allowing a user to be responsible for updating Guix makes it more likely to be updated. Much more likely if the user doesn't need to handle two different Guix installations. > I consider it inelegant and dangerous to make the Guix installation of > an unprivileged user the variant of Guix that is used by all users on > the system. Having it managed by the root user avoids surprises, even > on single-user systems, because the implication is that changes to the > root user’s Guix installation have system-wide effects. I agree that those system-wide effects are not ideal, but I don't think it's worse than the system-wide effects from ~root. The implication you are talking about isn't obvious to me, because root is a user as every other, the only difference being its power. Things root does shouldn't have system-wide effects either. And I wasn't asking to install Guix in the user's home, rather to let them choose between two imperfect solutions. In other words, to give them more freedom. For example if the user does 'sudo -E ./guix-install.sh', Guix would be installed in their home, whereas if the user does 'sudo -H ./guix-install.sh', Guix would be installed in ~root. Your script is very useful anyway, thank you for it! Clément ^ permalink raw reply [flat|nested] 14+ messages in thread
* bug#30728: guix-install.sh doesn't work if run with "sudo" 2018-03-27 16:08 ` Chris Marusich 2018-03-28 19:24 ` Ricardo Wurmus @ 2018-03-29 8:04 ` Clément Lassieur 1 sibling, 0 replies; 14+ messages in thread From: Clément Lassieur @ 2018-03-29 8:04 UTC (permalink / raw) To: Chris Marusich; +Cc: 30728 Chris Marusich <cmmarusich@gmail.com> writes: > Clément Lassieur <clement@lassieur.org> writes: > >> Ricardo Wurmus <rekado@elephly.net> writes: >> >>> Clément Lassieur <clement@lassieur.org> writes: >>> >>>>> The manual says (see: (guix) Binary Installation): >>>>> >>>>> 3. Make ‘root’’s profile available under ‘~/.guix-profile’: >>>>> >>>>> # ln -sf /var/guix/profiles/per-user/root/guix-profile \ >>>>> ~root/.guix-profile >>>> >>>> I think the manual is wrong here. This only makes sense if the user is >>>> 'root'. Otherwise, the user would expect Guix to be installed in their >>>> home, not in root's home. >>> >>> Step 2 says “As root, run: […]”. “~root” resolves to “/root”, not to >>> “$HOME/root”, so it even works when run as a regular user. >>> >>> The manual seems correct to me and this is what the script aims to >>> implement. >> >> But ~/.guix-profile may resolve to /home/user/.guix-profile. So it >> should be ~root/.guix-profile instead of ~/.guix-profile. > > Ah, I think I now see the cause of our miscommunication. > > It's possible to interpret the manual's use of ~ and $HOME to mean "the > unprivileged user's home directory", instead of "root's home directory". > I think that's a mistake in the manual, since the "ln" clearly makes > root's profile available under root's home directory, and the step > involving $HOME doesn't make sense unless $HOME expands to root's home > directory. > > I've updated my patch; it now also changes the following line... > > 3. Make ‘root’’s profile available under ‘~/.guix-profile’: > > ...to this: > > 3. Make ‘root’’s profile available under ‘~root/.guix-profile’: > > How does that sound? This fixes the documentation inconsistency, but I still think Guix shouldn't be installed in ~root (as I explain there: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=30728#32). ^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2018-03-30 22:08 UTC | newest] Thread overview: 14+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- [not found] <87zi3lh6mb.fsf@lassieur.org> 2018-03-23 13:20 ` bug#30728: guix-install.sh doesn't work if run with "sudo" Clément Lassieur 2018-03-25 5:16 ` Chris Marusich 2018-03-26 8:05 ` Clément Lassieur 2018-03-26 9:18 ` Marius Bakke 2018-03-27 7:46 ` Ricardo Wurmus 2018-03-27 9:11 ` Clément Lassieur 2018-03-27 16:08 ` Chris Marusich 2018-03-28 19:24 ` Ricardo Wurmus 2018-03-29 5:07 ` Chris Marusich 2018-03-29 8:26 ` Clément Lassieur 2018-03-29 7:48 ` Clément Lassieur 2018-03-29 10:07 ` Ricardo Wurmus 2018-03-30 22:07 ` Clément Lassieur 2018-03-29 8:04 ` Clément Lassieur
Code repositories for project(s) associated with this public inbox https://git.savannah.gnu.org/cgit/guix.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).