From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id 2EaVAIy532I6UAEAbAwnHQ (envelope-from ) for ; Tue, 26 Jul 2022 11:53:16 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id 4P6EAIy532Kr7wAA9RJhRA (envelope-from ) for ; Tue, 26 Jul 2022 11:53:16 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 9B5FC18099 for ; Tue, 26 Jul 2022 11:53:15 +0200 (CEST) Received: from localhost ([::1]:48210 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oGHFZ-0005Wm-Sr for larch@yhetil.org; Tue, 26 Jul 2022 05:53:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60264) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oGGnK-0004ih-Ks for bug-guix@gnu.org; Tue, 26 Jul 2022 05:24:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:34251) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oGGnK-0005bw-Ck for bug-guix@gnu.org; Tue, 26 Jul 2022 05:24:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oGGnJ-0001hL-SQ for bug-guix@gnu.org; Tue, 26 Jul 2022 05:24:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#56669: enhancement: Link guix system and guix home Resent-From: Andrew Tropin Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 26 Jul 2022 09:24:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 56669 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Maxime Devos , guix-bug-va9nk6@rdmp.org, 56669@debbugs.gnu.org Cc: Tissevert Received: via spool by 56669-submit@debbugs.gnu.org id=B56669.16588273976469 (code B ref 56669); Tue, 26 Jul 2022 09:24:01 +0000 Received: (at 56669) by debbugs.gnu.org; 26 Jul 2022 09:23:17 +0000 Received: from localhost ([127.0.0.1]:52233 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oGGmb-0001gG-3D for submit@debbugs.gnu.org; Tue, 26 Jul 2022 05:23:17 -0400 Received: from relay7-d.mail.gandi.net ([217.70.183.200]:45117) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oGGmX-0001fz-MQ for 56669@debbugs.gnu.org; Tue, 26 Jul 2022 05:23:15 -0400 Received: (Authenticated sender: andrew@trop.in) by mail.gandi.net (Postfix) with ESMTPSA id 2684D20019; Tue, 26 Jul 2022 09:23:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=trop.in; s=gm1; t=1658827387; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=qfUgEilfGlEB576k6BWLIZTsLjlbkoR0ouJHJPAepQA=; b=ZjVLFviLg9NR26RmY8rb0cqu18kjAR5YUArTh+LHOTJwlytdhiIvdjO6w/XN/43ojJJgD3 N53Q1kFvETdEAaC8dBOSAc709KC37sncM86qdvXxuQREzhMpIvOcisCYc/3Bro1HM8d9wy 6KV+47bCTr58xgvL3+R9GaO/6IKjyMFUuBnjHdIbDFhTypKP1+aNI8hMpEA5AiPRvMmPNS 54PdznOeZtcIKK17dMxdk4+VihbKGK3MVeLdoZ4Yose7xKGe2tBYeEj2FFieyUdSSIBxpi 4YMczEHg9/I4WiNh4PrCbO234ywi/Reluuo9cxYFjP++cjEWe/OiHYzs+vo1lQ== From: Andrew Tropin In-Reply-To: References: <63960cf762aec1ed2c4182f49cac66bc37fce2aa.camel@rdmp.org> <87o7xjbrb1.fsf@trop.in> <87k086crtr.fsf@trop.in> Date: Tue, 26 Jul 2022 12:23:02 +0300 Message-ID: <87sfmo8byh.fsf@trop.in> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1658829195; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=qfUgEilfGlEB576k6BWLIZTsLjlbkoR0ouJHJPAepQA=; b=QWdEY1Wdv3RWnESwqaIQ319pFLlHUw0O1w8xzQoKvkjmqfUV3MbWIueI0BRok+pXwsXvxM prE0rDWe/zxuFKhZlRSxPCf+AHStQJL5/zpV+k8Rmj6ejfIuiQg6ZPpXpWQH0voCh85i7w 2wYpZtkKeDcfioqoRSqd0giSVfTU6rsWR90p1mhAkPNUdSDSh0sb8o0uqYVJoilVGQH1wA b3Dls7hQL2zfuauAORfAF75Bl9ckYBXFERN2M2HmlN0mTgVATwObMOOaNd/HJkqm3sWNyE vhVcMyIrHIJGiU/+h18RJ0nz7WW/s8EG+uvAR5l6lxJmHpA5dn46x5yOgpvraw== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1658829195; a=rsa-sha256; cv=none; b=mo4Hu7fCjRpJpbdCD34vz+JQVIye5Y69TllSTm6w8cUnYAzuFz8OghpAO01hOa7d71O6YG vA5mAQskk9/DCJT5zpe37fBZyEYHaKVZwPuWvriiDNuBOjFtxf6c6cJaQH+UbEW9Um4X6X BCvJk7yrtkPXA75E4XMUt6XelcTH5RSieJCDA/zr4sWiXP2mafImbjbH2ghJSzC23Hjpih nCZdjeWw5s4v/Rzoc2pKo8MCRT7kcP83uE0dughjE8ACmtojgugLHmOsdJf4bEoDuAZZ5Z jBUL+Scm7k4XJMl92iQ29TCUwk7v//zMkzdmpdFEoeKheATubvg4+WPnTnzoHQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=trop.in header.s=gm1 header.b=ZjVLFviL; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 0.87 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=trop.in header.s=gm1 header.b=ZjVLFviL; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 9B5FC18099 X-Spam-Score: 0.87 X-Migadu-Scanner: scn0.migadu.com X-TUID: GyGsGfCOfXWc --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On 2022-07-21 19:25, Maxime Devos wrote: > On 21-07-2022 19:13, Andrew Tropin wrote: > >> The source code is here: >> https://git.sr.ht/~abcdw/rde/commit/c5b4097ab99309ace23e40d957e9fa1f938f= 97e9 > > What's the 'guix-home-gc-roots' for? I would expect the reference=20 > #$(file-append he "/activate") to be sufficient to keep things from=20 > being gc'ed. It was needed while I was testing manual activation without shepherd service, not needed anymore, already removed it locally. > >> +=20 >> =20 >> (start #~(make-forkexec-constructor +=20 >> =20 >> '(#$(file-append he "/activate")) +=20 >> =20 >> #:user #$user +=20 >> =20 >> #:environment-variables +=20 >> =20 >> (list (string-append "HOME=3D" (passwd:dir (getpw #$user)))) +=20 >> =20 >> #:group (group:name (getgrgid (passwd:gid (getpw #$user)))))) > I'm wondering if GUIX_LOCPATH is needed as well. Anyway, if not done=20 > already internally by /activate, you could consider doing it in a=20 > container to reduce potential irreproducibility, or insecurity on=20 > multi-user systems (I'd assume the #:user + #:group to be sufficient for= =20 > security, especially if it appears sufficient for other system services,= =20 > but I'm not some expert on what things need to be set). > It's not set by /activate. >> +=20 >> =20 >> (provision (list (symbol-append 'guix-home- (string->symbol user)))) +=20 >> =20 >> (one-shot? #t) +=20 >> =20 >> (auto-start? #f) > Wouldn't it then be possible for the user to login via the login manager= =20 > before initialisation has completed, as gdm etc don't wait for=20 > guix-home-... currently? You are right, the same as the first one, needed for more manual approach, changed to #t, thank you. Three patches for this service to work is on the way on guix-patches. In the meantime, will try to build livecd with the home environment inside. P.S. Probably this system service is far from final version of this feature, I still think about making home-environment a part of user-account. Will evaluate pros and cons, after I get livecd built successfully. =2D-=20 Best regards, Andrew Tropin --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKEGaxlA4dEDH6S/6IgjSCVjB3rAFAmLfsnYACgkQIgjSCVjB 3rDxIA//RzUUKtKs5Cvo89KM3aUIMNfRzIxV8mWt65okAMmQ8yspNTdCDAFFd511 hpX17dcpmLRhmo1Hbvylt6nEWPaVIfCrCcNyUbTpPWPxz6g2u/XEm/MQzuC+csov xh8K2SwGsQ33fEBNEGH1NSnIj89y50lmB4C+JQZ3JmkOpMKvRNVqIMl0i2kTKhSP nOUhiNwRtva2IZlCmJwh9ga6jqJYNpAqun+lGwEgSdKapk7PPsoZhfYZCZoIJdvi SDthmIaGuqeizsHQA/qWHB/iwTtK5tHyjSMptciQYizvVdgqXUAdXUxEm0Ztc/G5 aX/Hkin62zvwJVywvKshlM0M37SregIh63yAzhNRKGvPNO8cEdmjO6pBS91TmmgW 3L+rP2tSvVrcsXsjScJgf3jPosN9RECaZTdHmgr4F2FTGYgzoQ3dLqzQYk7e+Y6b isEKJxreblp2yqd+E1CIBetvpl+JYI65qMA9GSXHUvXFr0JyCWI4hirSy4Cfabry fbDQaLD4sKU+UbNpmVfBQ6FzJBNb+0w1yKYtfg/aS1idMzho677tbnTdkxuvNDHe Ua+YLEiS6U6sWvwOnPS7FRnBms2frlYtgNLeI6JnT2YTcw5ez+6nIaHB1z+SpmbK uX1zFdcI4dZD2Vx2TWoWuKGSxMoTN4J3RPDIVg3tJ68ZsZvZAf0= =tPuX -----END PGP SIGNATURE----- --=-=-=--