From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mp12.migadu.com ([2001:41d0:8:6d80::])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
by ms5.migadu.com with LMTPS
id cKw2IE6M2WIsUwEAbAwnHQ
(envelope-from )
for ; Thu, 21 Jul 2022 19:26:38 +0200
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
by mp12.migadu.com with LMTPS
id oIgRIE6M2WJc4gAAauVa8A
(envelope-from )
for ; Thu, 21 Jul 2022 19:26:38 +0200
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by aspmx1.migadu.com (Postfix) with ESMTPS id 1BFDBF719
for ; Thu, 21 Jul 2022 19:26:37 +0200 (CEST)
Received: from localhost ([::1]:39514 helo=lists1p.gnu.org)
by lists.gnu.org with esmtp (Exim 4.90_1)
(envelope-from )
id 1oEZwa-0006X7-LJ
for larch@yhetil.org; Thu, 21 Jul 2022 13:26:36 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:34296)
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from )
id 1oEZw2-0006Wv-S3
for bug-guix@gnu.org; Thu, 21 Jul 2022 13:26:04 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:49268)
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.90_1) (envelope-from )
id 1oEZw2-0008F0-JZ
for bug-guix@gnu.org; Thu, 21 Jul 2022 13:26:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
(envelope-from ) id 1oEZw2-0003Ym-Fz
for bug-guix@gnu.org; Thu, 21 Jul 2022 13:26:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: bug#56669: enhancement: Link guix system and guix home
Resent-From: Maxime Devos
Original-Sender: "Debbugs-submit"
Resent-CC: bug-guix@gnu.org
Resent-Date: Thu, 21 Jul 2022 17:26:02 +0000
Resent-Message-ID:
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 56669
X-GNU-PR-Package: guix
X-GNU-PR-Keywords:
To: Andrew Tropin , guix-bug-va9nk6@rdmp.org,
56669@debbugs.gnu.org
Cc: Tissevert
Received: via spool by 56669-submit@debbugs.gnu.org id=B56669.165842431913626
(code B ref 56669); Thu, 21 Jul 2022 17:26:02 +0000
Received: (at 56669) by debbugs.gnu.org; 21 Jul 2022 17:25:19 +0000
Received: from localhost ([127.0.0.1]:39017 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from )
id 1oEZvL-0003Xi-AU
for submit@debbugs.gnu.org; Thu, 21 Jul 2022 13:25:19 -0400
Received: from baptiste.telenet-ops.be ([195.130.132.51]:40318)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from ) id 1oEZvF-0003XR-K7
for 56669@debbugs.gnu.org; Thu, 21 Jul 2022 13:25:17 -0400
Received: from [IPV6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16]
([IPv6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16])
by baptiste.telenet-ops.be with bizsmtp
id xtRB2700A20ykKC01tRB9z; Thu, 21 Jul 2022 19:25:11 +0200
Message-ID:
Date: Thu, 21 Jul 2022 19:25:11 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
Thunderbird/91.11.0
Content-Language: en-US
References: <63960cf762aec1ed2c4182f49cac66bc37fce2aa.camel@rdmp.org>
<87o7xjbrb1.fsf@trop.in> <87k086crtr.fsf@trop.in>
From: Maxime Devos
In-Reply-To: <87k086crtr.fsf@trop.in>
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="------------9wif7DLuRxRzxR8VFIuzPf0u"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22;
t=1658424312; bh=hEkm8/rZ1m2NBsVkmEzeD1buP+NhuZZxem0NUBy3XQE=;
h=Date:To:Cc:References:From:Subject:In-Reply-To;
b=KJIcLy+4b3R5S0cdJ5sMKqEMxVgBRMwtt337bceLIOwIFAwiRbbFy6ic2BcSio/qh
t1aAmPvH/3AJxmbeEYFOU4eQ4hmWcDrQ64RGdUOaa9oMRI/gXCnMtxvCsl9Wj0pa6P
m5Z4rnwqTK5msy12FCmI+AaZiAz2L1R7MWGA69GIWEdpDP5W7wIEow6sR3657pV1Gm
Sr8jiZEJ+0rlbXqQr5KckV+camWKrqIrC3u7oax099dRDiJNfaxGRn3Iyfff7MrdkQ
RDqlUJ20jiNxvY75ja2LZ3a+SL1J94swF8vv7IKwiPreFyJzKV1EzGp7dEWk2FWzur
THgp7aCnmXtLg==
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: "bug-Guix"
X-Migadu-Flow: FLOW_IN
X-Migadu-To: larch@yhetil.org
X-Migadu-Country: US
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
s=key1; t=1658424398;
h=from:from:sender:sender:reply-to:subject:subject:date:date:
message-id:message-id:to:to:cc:cc:mime-version:mime-version:
content-type:content-type:resent-cc:resent-from:resent-sender:
resent-message-id:in-reply-to:in-reply-to:references:references:
list-id:list-help:list-unsubscribe:list-subscribe:list-post:
dkim-signature; bh=06Gs5wBwjxcfiVayKD6WQntF+ZTa7wUsG02o/U4wrFU=;
b=M6GWFSmVT6rQ6uYISTt5+UqQ/2yk3EFXHoJwhTRmum0bxQeUyn1ArXxGq+hN+CGDF/isfB
U4y+vjanp54WUa6Z3J+gwPlQA+EBMHmYYPMNNCH6XzKraOjL5kQ/ze0RCooeazVWyFUpxp
SoPBbLIUL61YnFCwPUrt0ujuFBgbCPsFw8G4rIPDGNGOlxYrGnnykCbCteRahzJrxoJTd/
lZNTe1Vu+HVm8NejbCdSPawNGh2fZhkQjGjqH/ieng5nq22q5lXn9PI4V4jdKWvSF3mEnc
SIMkaSzhUIYaTi3Z72qbMzJ4YSFbcyeMxDFM7G4PQmzCGmI+s7dI/kwXxX4UNQ==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1658424398; a=rsa-sha256; cv=none;
b=bWKu/z0gTJmu1MfK87q1xuZVXnR8YM50LVD48XgbC/gFBe4ttLvsjogVSh/Q4PGyPfkL3c
2fSDuOZBg3P4rpTZ3esJB38SvLA62SfemlKSOEzxszhyTYYmH6ENjVLeq4E2bPXP3UE2X/
FDTps7t4p4NZYJ32h1vvouDupbgKA76XW/vhm71r1rMngZghip8XuXX4mxytUT1gJWE1Bv
ReUFcm+YOOrEMbTsjEU1E8zsW4lspZDjDmQvdKVAqi0B5edQWgS9FlyYvw86mwkBh/vu+1
TUQHIieOf3AqFmj+ICMPw/P6MioOoBxG8KeVG+F3n2vP0nn9u32wnnHBbVOAJg==
ARC-Authentication-Results: i=1;
aspmx1.migadu.com;
dkim=fail ("body hash did not verify") header.d=telenet.be header.s=r22 header.b=KJIcLy+4;
dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none);
spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Spam-Score: 6.16
Authentication-Results: aspmx1.migadu.com;
dkim=fail ("body hash did not verify") header.d=telenet.be header.s=r22 header.b=KJIcLy+4;
dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none);
spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Queue-Id: 1BFDBF719
X-Spam-Score: 6.16
X-Migadu-Scanner: scn0.migadu.com
X-TUID: RXbHIslzN9NQ
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------9wif7DLuRxRzxR8VFIuzPf0u
Content-Type: multipart/mixed; boundary="------------bs4rcmDUOSWVWGGgLoAY2Fy6";
protected-headers="v1"
From: Maxime Devos
To: Andrew Tropin , guix-bug-va9nk6@rdmp.org,
56669@debbugs.gnu.org
Cc: Tissevert
Message-ID:
Subject: Re: bug#56669: enhancement: Link guix system and guix home
References: <63960cf762aec1ed2c4182f49cac66bc37fce2aa.camel@rdmp.org>
<87o7xjbrb1.fsf@trop.in> <87k086crtr.fsf@trop.in>
In-Reply-To: <87k086crtr.fsf@trop.in>
--------------bs4rcmDUOSWVWGGgLoAY2Fy6
Content-Type: multipart/mixed; boundary="------------53Mz6SLQdt2lOdeh8DtiJcia"
--------------53Mz6SLQdt2lOdeh8DtiJcia
Content-Type: multipart/alternative;
boundary="------------33DtCjGXVmHEyPvhyJX9iI3n"
--------------33DtCjGXVmHEyPvhyJX9iI3n
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
T24gMjEtMDctMjAyMiAxOToxMywgQW5kcmV3IFRyb3BpbiB3cm90ZToNCg0KPiBUaGUgc291
cmNlIGNvZGUgaXMgaGVyZToNCj4gaHR0cHM6Ly9naXQuc3IuaHQvfmFiY2R3L3JkZS9jb21t
aXQvYzViNDA5N2FiOTkzMDlhY2UyM2U0MGQ5NTdlOWZhMWY5MzhmOTdlOQ0KDQpXaGF0J3Mg
dGhlICdndWl4LWhvbWUtZ2Mtcm9vdHMnIGZvcj8gSSB3b3VsZCBleHBlY3QgdGhlIHJlZmVy
ZW5jZSANCiMkKGZpbGUtYXBwZW5kIGhlICIvYWN0aXZhdGUiKSB0byBiZSBzdWZmaWNpZW50
IHRvIGtlZXAgdGhpbmdzIGZyb20gDQpiZWluZyBnYydlZC4NCg0KPiArIA0KPiA8aHR0cHM6
Ly9naXQuc3IuaHQvfmFiY2R3L3JkZS9jb21taXQvYzViNDA5N2FiOTkzMDlhY2UyM2U0MGQ5
NTdlOWZhMWY5MzhmOTdlOSNnbnUvc2VydmljZXMvaG9tZS5zY20tMS0yMz4gDQo+IChzdGFy
dCAjfihtYWtlLWZvcmtleGVjLWNvbnN0cnVjdG9yICsgDQo+IDxodHRwczovL2dpdC5zci5o
dC9+YWJjZHcvcmRlL2NvbW1pdC9jNWI0MDk3YWI5OTMwOWFjZTIzZTQwZDk1N2U5ZmExZjkz
OGY5N2U5I2dudS9zZXJ2aWNlcy9ob21lLnNjbS0xLTI0PiANCj4gJygjJChmaWxlLWFwcGVu
ZCBoZSAiL2FjdGl2YXRlIikpICsgDQo+IDxodHRwczovL2dpdC5zci5odC9+YWJjZHcvcmRl
L2NvbW1pdC9jNWI0MDk3YWI5OTMwOWFjZTIzZTQwZDk1N2U5ZmExZjkzOGY5N2U5I2dudS9z
ZXJ2aWNlcy9ob21lLnNjbS0xLTI1PiANCj4gIzp1c2VyICMkdXNlciArIA0KPiA8aHR0cHM6
Ly9naXQuc3IuaHQvfmFiY2R3L3JkZS9jb21taXQvYzViNDA5N2FiOTkzMDlhY2UyM2U0MGQ5
NTdlOWZhMWY5MzhmOTdlOSNnbnUvc2VydmljZXMvaG9tZS5zY20tMS0yNj4gDQo+ICM6ZW52
aXJvbm1lbnQtdmFyaWFibGVzICsgDQo+IDxodHRwczovL2dpdC5zci5odC9+YWJjZHcvcmRl
L2NvbW1pdC9jNWI0MDk3YWI5OTMwOWFjZTIzZTQwZDk1N2U5ZmExZjkzOGY5N2U5I2dudS9z
ZXJ2aWNlcy9ob21lLnNjbS0xLTI3PiANCj4gKGxpc3QgKHN0cmluZy1hcHBlbmQgIkhPTUU9
IiAocGFzc3dkOmRpciAoZ2V0cHcgIyR1c2VyKSkpKSArIA0KPiA8aHR0cHM6Ly9naXQuc3Iu
aHQvfmFiY2R3L3JkZS9jb21taXQvYzViNDA5N2FiOTkzMDlhY2UyM2U0MGQ5NTdlOWZhMWY5
MzhmOTdlOSNnbnUvc2VydmljZXMvaG9tZS5zY20tMS0yOD4gDQo+ICM6Z3JvdXAgKGdyb3Vw
Om5hbWUgKGdldGdyZ2lkIChwYXNzd2Q6Z2lkIChnZXRwdyAjJHVzZXIpKSkpKSkNCkknbSB3
b25kZXJpbmcgaWYgR1VJWF9MT0NQQVRIIGlzIG5lZWRlZCBhcyB3ZWxsLiBBbnl3YXksIGlm
IG5vdCBkb25lIA0KYWxyZWFkeSBpbnRlcm5hbGx5IGJ5IC9hY3RpdmF0ZSwgeW91IGNvdWxk
IGNvbnNpZGVyIGRvaW5nIGl0IGluIGEgDQpjb250YWluZXIgdG8gcmVkdWNlIHBvdGVudGlh
bCBpcnJlcHJvZHVjaWJpbGl0eSwgb3IgaW5zZWN1cml0eSBvbiANCm11bHRpLXVzZXIgc3lz
dGVtcyAoSSdkIGFzc3VtZSB0aGUgIzp1c2VyICsgIzpncm91cCB0byBiZSBzdWZmaWNpZW50
IGZvciANCnNlY3VyaXR5LCBlc3BlY2lhbGx5IGlmIGl0IGFwcGVhcnMgc3VmZmljaWVudCBm
b3Igb3RoZXIgc3lzdGVtIHNlcnZpY2VzLCANCmJ1dCBJJ20gbm90IHNvbWUgZXhwZXJ0IG9u
IHdoYXQgdGhpbmdzIG5lZWQgdG8gYmUgc2V0KS4NCg0KPiArIA0KPiA8aHR0cHM6Ly9naXQu
c3IuaHQvfmFiY2R3L3JkZS9jb21taXQvYzViNDA5N2FiOTkzMDlhY2UyM2U0MGQ5NTdlOWZh
MWY5MzhmOTdlOSNnbnUvc2VydmljZXMvaG9tZS5zY20tMS0yMD4gDQo+IChwcm92aXNpb24g
KGxpc3QgKHN5bWJvbC1hcHBlbmQgJ2d1aXgtaG9tZS0gKHN0cmluZy0+c3ltYm9sIHVzZXIp
KSkpICsgDQo+IDxodHRwczovL2dpdC5zci5odC9+YWJjZHcvcmRlL2NvbW1pdC9jNWI0MDk3
YWI5OTMwOWFjZTIzZTQwZDk1N2U5ZmExZjkzOGY5N2U5I2dudS9zZXJ2aWNlcy9ob21lLnNj
bS0xLTIxPiANCj4gKG9uZS1zaG90PyAjdCkgKyANCj4gPGh0dHBzOi8vZ2l0LnNyLmh0L35h
YmNkdy9yZGUvY29tbWl0L2M1YjQwOTdhYjk5MzA5YWNlMjNlNDBkOTU3ZTlmYTFmOTM4Zjk3
ZTkjZ251L3NlcnZpY2VzL2hvbWUuc2NtLTEtMjI+IA0KPiAoYXV0by1zdGFydD8gI2YpDQpX
b3VsZG4ndCBpdCB0aGVuIGJlIHBvc3NpYmxlIGZvciB0aGUgdXNlciB0byBsb2dpbiB2aWEg
dGhlIGxvZ2luIG1hbmFnZXIgDQpiZWZvcmUgaW5pdGlhbGlzYXRpb24gaGFzIGNvbXBsZXRl
ZCwgYXMgZ2RtIGV0YyBkb24ndCB3YWl0IGZvciANCmd1aXgtaG9tZS0uLi4gY3VycmVudGx5
Pw0KDQpHcmVldGluZ3MsDQpNYXhpbWUuDQoNCg==
--------------33DtCjGXVmHEyPvhyJX9iI3n
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 21-07-2022 19:13, Andrew Tropin wrote:
The source code is here:
=
https://git.sr.ht/~abcdw/rde/commit/c5b4097ab99309ace23e40d957e9fa1f938f9=
7e9
What's the 'guix-home-gc-roots' for? I would expect the reference
#$(file-append he "/activate") to be sufficient to keep things
from being gc'ed.
+=
(start #~(make-forkexec-constructor
+ '(#$(file-append he =
"/activate"))
+ #:user #$user
+ #:environment-variab=
les
+ (list (string-append=
"HOME=3D" (passwd:dir (getpw #$user))))
+ #:group (group:name =
(getgrgid (passwd:gid (getpw #$user))))))
I'm wondering if GUIX_LOCPATH is needed as well. Anyway, if not
done already internally by /activate, you could consider doing it
in a container to reduce potential irreproducibility, or
insecurity on multi-user systems (I'd assume the #:user + #:group
to be sufficient for security, especially if it appears sufficient
for other system services, but I'm not some expert on what things
need to be set).
+=
(provision (list (symbol-append 'guix-home- (string->symbo=
l user))))
+ (one-shot? #t)
+ (auto-start? #f)
Wouldn't it then be possible for the user to login via the login
manager before initialisation has completed, as gdm etc don't wait
for guix-home-... currently?
Greetings,
Maxime.
--------------33DtCjGXVmHEyPvhyJX9iI3n--
--------------53Mz6SLQdt2lOdeh8DtiJcia
Content-Type: application/pgp-keys; name="OpenPGP_0x49E3EE22191725EE.asc"
Content-Disposition: attachment; filename="OpenPGP_0x49E3EE22191725EE.asc"
Content-Description: OpenPGP public key
Content-Transfer-Encoding: quoted-printable
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEX4ch6BYJKwYBBAHaRw8BAQdANPb/d6MrGnGi5HyvODCkBUJPRjiFQcRU5V+m
xvMaAa/NL01heGltZSBEZXZvcyA8bWF4aW1lLmRldm9zQHN0dWRlbnQua3VsZXV2
ZW4uYmU+wpAEExYIADgWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCX4ch6AIbAwUL
CQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRBJ4+4iGRcl7japAQC3opZ2KGWzWmRc
/gIWSu0AAcfMwyinFEEPa/QhUt2CogD/e2RdF4CYAgaRHJJmZ9WU7piKbLZ7llB4
LzgezVDHggzNJU1heGltZSBEZXZvcyA8bWF4aW1lZGV2b3NAdGVsZW5ldC5iZT7C
kAQTFggAOBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJf56ycAhsDBQsJCAcDBRUK
CQgLBRYCAwEAAh4BAheAAAoJEEnj7iIZFyXujpQBAKV1SwDDl4f24rXciDlB9L8W
ycZt30CgbewMSRQk4mvbAP9dFMbVVixYBd6C8cfhR+NsOBGiOJnQABlUmgNuqGFJ
Dc44BF+HIegSCisGAQQBl1UBBQEBB0BOlzIWiJzgobMF6/cqwLaLk7jIcFSZ++c0
k9cCNT6YXwMBCAfCeAQYFggAIBYhBMHzPuIMUo/bfdcBH0nj7iIZFyXuBQJfhyHo
AhsMAAoJEEnj7iIZFyXuMr0BAJc8cl5PGvVmVuSQVKjleNl4DK1/XAaPAYPe34AE
fZJPAP9IqLCQhH/FeJanHqBP8gNdGNI2qn8RnnLVfRJgUjZ1BA=3D=3D
=3DOVqp
-----END PGP PUBLIC KEY BLOCK-----
--------------53Mz6SLQdt2lOdeh8DtiJcia--
--------------bs4rcmDUOSWVWGGgLoAY2Fy6--
--------------9wif7DLuRxRzxR8VFIuzPf0u
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"
-----BEGIN PGP SIGNATURE-----
wnsEABYIACMWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYtmL9wUDAAAAAAAKCRBJ4+4iGRcl7mKW
AQDdz6W+MAq2TLcFCImnpQL3LeBr9j2Lk91iFbuciphP5QD+NfygG8qw5a2gixcGlbOZUtvl4rHq
o2OZS2gdTcpxxQA=
=WATg
-----END PGP SIGNATURE-----
--------------9wif7DLuRxRzxR8VFIuzPf0u--