From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id QFf0N/trPV+BaQAA0tVLHw (envelope-from ) for ; Wed, 19 Aug 2020 18:14:19 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id cAXFM/trPV/4HQAA1q6Kng (envelope-from ) for ; Wed, 19 Aug 2020 18:14:19 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 743C194050D for ; Wed, 19 Aug 2020 18:14:19 +0000 (UTC) Received: from localhost ([::1]:36232 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1k8SbK-0004mz-BO for larch@yhetil.org; Wed, 19 Aug 2020 14:14:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:56070) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k8Sb9-0004la-KL for guix-devel@gnu.org; Wed, 19 Aug 2020 14:14:07 -0400 Received: from lepiller.eu ([2a00:5884:8208::1]:57498) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k8Sb7-0008DJ-1N for guix-devel@gnu.org; Wed, 19 Aug 2020 14:14:07 -0400 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id 5174fc25; Wed, 19 Aug 2020 18:14:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:cc:from:message-id; s= dkim; bh=t7efkeOMNT8lSBtq4gk9c9gbWpie6wtBhflHo9EK2zc=; b=FYSAoJU xKM+jmS8O1hFj1sz80kTliuj9VfkoV3+Q286j4OD3Hzda0GrOMopR8I7aLoSS5li eSWpfnPbiNHY+Y0ROzmj+SII+RCBTjtevgvMtwRF6JHi5iOmUjFmtB4ftJCUEGqB KZEvxOzOyZLj1GGIlgC9ZbvWktawZv05+URmogD6aG99zPR7sWltEwoipvZxGhAc vo+11WIrQ1ATYZFznAwnl5hquAipISZUkwxNRAAh4ckoIN1VD0vUi8Aky0DaVCQq glf/kzukjF+o+9opOVZ7HrjeuAENZpE5Cn4IokHwTs1+obW/RAHogjk8msDdfnfA V6oBrqy1NHlg6Xw== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id 064394ff (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Wed, 19 Aug 2020 18:13:59 +0000 (UTC) Date: Wed, 19 Aug 2020 14:13:43 -0400 User-Agent: K-9 Mail for Android In-Reply-To: <20200819204834.4136d041@panther-arch.localdomain> References: <20200819121659.2d1d7fb6@panther-arch.localdomain> <20200819204834.4136d041@panther-arch.localdomain> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----CPSY54KAB8GA27C7T0X1N3R85GAUKS" Content-Transfer-Encoding: 7bit Subject: Re: Allow to add more than one group for service user To: Reza Alizadeh Majd From: Julien Lepiller Message-ID: <02CEB542-5515-4A42-9349-B598738FBE0C@lepiller.eu> Received-SPF: none client-ip=2a00:5884:8208::1; envelope-from=julien@lepiller.eu; helo=lepiller.eu X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: guix-devel@gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=lepiller.eu header.s=dkim header.b=FYSAoJU ; dmarc=pass (policy=none) header.from=lepiller.eu; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -1.71 X-TUID: x7ASVtaysUtQ ------CPSY54KAB8GA27C7T0X1N3R85GAUKS Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From=20what I understand, the generated /etc/group is correct, but loging as = kyc-service, even after a reboot, you don't see the additional groups? On 2020=E5=B9=B48=E6=9C=8819=E6=97=A5 12:18:34 GMT-04:00, Reza Alizadeh Ma= jd wrote: >Hi Julien, > >On Wed, 19 Aug 2020 07:11:25 -0400 >Julien Lepiller wrote: > >> This kind of message should probably go to guix-help instead=2E Can you >> send your user and groups definition you're using? Then we should see >> if there's anything wrong with it, or if we can reproduce the issue=2E > > >sorry for interruption, since I assumed this could be a bug I continue >previous discussion in this mailing list, if you think `help-guix` is >the proper place to discuss about this issue we can continue on >following thread:=20 > >https://lists=2Egnu=2Eorg/archive/html/help-guix/2020-07/msg00088=2Ehtml > >by the way, here is the user account and groups that I'm using for my >service definition: > >--8<---------------cut here---------------start------------->8--- >(define %kyc-accounts > (list (user-group (name "kyc-service")) > (user-group (name "kyc-rpc")) > (user-account > (name "kyc-service") > (group "kyc-service") > (system? #f) > (supplementary-groups '("wheel" "kyc-rpc" "video")) > (comment "KYC service user")))) >--8<---------------cut here---------------end--------------->8--- > >later I add these definitions using `account-service-type` extension: > >--8<---------------cut here---------------start------------->8--- >(define kyc-service-type > =2E=2E=2E > (extensions (list =2E=2E=2E > (service-extension account-service-type > (const %kyc-accounts)))) > =2E=2E=2E >--8<---------------cut here---------------end--------------->8--- > > >--=20 >Reza Alizadeh Majd >PantherX Team >https://www=2Epantherx=2Eorg/ ------CPSY54KAB8GA27C7T0X1N3R85GAUKS Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable From what I understand, the generated /etc/group i= s correct, but loging as kyc-service, even after a reboot, you don't see th= e additional groups?

On 2020=E5=B9=B48=E6= =9C=8819=E6=97=A5 12:18:34 GMT-04:00, Reza Alizadeh Majd <r=2Emajd@panth= erx=2Eorg> wrote:
Hi Julien,

On Wed, 19 Aug 2020 07:11:25 -0400=

Julien Lepiller <julien@lepiller=2Eeu> wrote:

This kind of message should probably g=
o to guix-help instead=2E Can you
send your user and groups definition y=
ou're using? Then we should see
if there's anything wrong with it, or if=
 we can reproduce the issue=2E


sorry for interrupti=
on, since I assumed this could be a bug I continue
previous discussion i=
n this mailing list, if you think `help-guix` is
the proper place to dis=
cuss about this issue we can continue on
following thread: 

https://lists=2Egnu=2Eorg/archive/html/help-guix/2020-07/msg00088=2Eht=
ml

by the way, here is the user account and groups that I'm usin=
g for my
service definition:

--8<---------------cut here------=
---------start------------->8---
(define %kyc-accounts
  (list (us=
er-group (name "kyc-service"))
        (user-group (name "kyc-rpc"))
=
        (user-account
          (name "kyc-service")
          (group=
 "kyc-service")
          (system? #f)
          (supplementary-group=
s '("wheel" "kyc-rpc" "video"))
          (comment "KYC service user")))=
)
--8<---------------cut here---------------end--------------->8--=
-

later I add these definitions using `account-service-type` extensi=
on:

--8<---------------cut here---------------start-------------&=
gt;8---
(define kyc-service-type
   =2E=2E=2E
   (extensions (list=
 =2E=2E=2E
                            (service-extension account-servic=
e-type
                                                          (const =
%kyc-accounts))))
   =2E=2E=2E
--8<---------------cut here--------=
-------end--------------->8---

------CPSY54KAB8GA27C7T0X1N3R85GAUKS--