From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mark H Weaver <mhw@netris.org>
Subject: Re: Guix binary tarball
Date: Tue, 19 May 2015 19:03:57 -0400
Message-ID: <87382smaoy.fsf@netris.org>
References: <20150515164602.GA13539@debian>
Mime-Version: 1.0
Content-Type: text/plain
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:54361)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mhw@netris.org>) id 1YuqYS-00017S-NL
	for guix-devel@gnu.org; Tue, 19 May 2015 19:04:09 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mhw@netris.org>) id 1YuqYP-0005zH-Ei
	for guix-devel@gnu.org; Tue, 19 May 2015 19:04:08 -0400
In-Reply-To: <20150515164602.GA13539@debian> (Andreas Enge's message of "Fri,
	15 May 2015 18:46:02 +0200")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Andreas Enge <andreas@enge.fr>
Cc: guix-devel@gnu.org

Andreas Enge <andreas@enge.fr> writes:

> - The tarball also contains /, /root and /var. When unpacking it, the owner
>   and permissions are changed on the system. As a consequence, we could not
>   ssh into the machine any more (!). Could these directories be left out of
>   the tarball and only their contents be kept in?

The directories could indeed be left out.  I experimentally verified
that GNU tar will still create those directories if they don't already
exist, but will leave their ownership and permissions unmodified if they
do exist.

Here's a suggested patch:

--8<---------------cut here---------------start------------->8---
diff --git a/gnu/system/install.scm b/gnu/system/install.scm
index 799851c..10fbfdd 100644
--- a/gnu/system/install.scm
+++ b/gnu/system/install.scm
@@ -71,7 +71,14 @@ under /root/.guix-profile where GUIX is installed."
           (with-directory-excursion %root
             (zero? (system* "tar" "--xz" "--format=gnu"
                             "--owner=root:0" "--group=root:0"
-                            "-cvf" #$output ".")))))
+                            "-cvf" #$output
+                            ;; Avoid adding /, /var, or /root to the tarball,
+                            ;; so that the ownership and permissions of those
+                            ;; directories will not be overwritten when
+                            ;; extracting the archive.
+                            "./root/.guix-profile"
+                            "./var/guix"
+                            "./gnu")))))
 
     (gexp->derivation "guix-tarball.tar.xz" build
                       #:references-graphs `(("profile" ,profile))
--8<---------------cut here---------------end--------------->8---

If we did this, then we could revert 8c3a5d7059 and avoid any use of
--skip-old-files.  I would be in favor of this.

What do you think?

      Mark