From: "Ludovic Courtès" <ludo@gnu.org>
To: Maxime Devos <maximedevos@telenet.be>
Cc: guix-devel@gnu.org, Xinglu Chen <public@yoctocell.xyz>,
Maxim Cournoyer <maxim.cournoyer@gmail.com>,
Andrew Tropin <andrew@trop.in>
Subject: Re: Code sharing between system and home services (was Re: On the naming of System and Home services modules.)
Date: Wed, 06 Oct 2021 15:12:17 +0200 [thread overview]
Message-ID: <874k9ujo0e.fsf@gnu.org> (raw)
In-Reply-To: <129eb4ca6dd24e150f360df431e294413e238ac8.camel@telenet.be> (Maxime Devos's message of "Mon, 04 Oct 2021 18:14:35 +0200")
Hi,
Maxime Devos <maximedevos@telenet.be> skribis:
> It might be possible to modify 'make-forkexec-constructor/container' to call
> (exec-command (cons* newuidmap ARGUMENTS-TO-NEWUIDMAP command) ...),
> where newuidmap is (search-input-file "newuidmap" '("/run/setuid-programs" "/usr/sbin" "/sbin")).
> That path should work on Guix System and many foreign distro, presuming the distro
> is configured to make "newuidmap" setuid.
That looks like opening the door to reproducibility issues.
If we wanted to take that route, it might be slightly more aesthetically
pleasing to rely on a service such as Bubblewrap, but the
non-self-containment issue remains.
Ludo’.
next prev parent reply other threads:[~2021-10-06 13:16 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-15 8:47 On the naming of System and Home services modules Andrew Tropin
2021-09-15 10:09 ` Maxime Devos
2021-09-15 13:15 ` Andrew Tropin
2021-09-15 13:06 ` Xinglu Chen
2021-09-15 14:50 ` Katherine Cox-Buday
2021-09-16 10:01 ` Andrew Tropin
2021-09-16 9:57 ` Andrew Tropin
2021-09-17 9:28 ` Xinglu Chen
2021-09-17 11:35 ` Andrew Tropin
2021-09-19 14:54 ` Xinglu Chen
2021-09-23 20:08 ` Ludovic Courtès
2021-09-24 8:08 ` Andrew Tropin
2021-09-28 12:17 ` Ludovic Courtès
2021-09-24 13:35 ` Code sharing between system and home services (was Re: On the naming of System and Home services modules.) Xinglu Chen
2021-09-24 14:03 ` Maxime Devos
2021-09-24 15:39 ` Xinglu Chen
2021-09-24 17:02 ` Maxime Devos
2021-09-28 12:19 ` Ludovic Courtès
2021-09-28 6:03 ` Andrew Tropin
2021-09-24 15:32 ` Joshua Branson
2021-09-28 12:21 ` Ludovic Courtès
2021-09-29 13:52 ` Maxime Devos
2021-10-02 14:27 ` Ludovic Courtès
2021-10-02 22:13 ` Code sharing between system and home services Vagrant Cascadian
2021-10-04 14:34 ` Ludovic Courtès
2021-10-03 8:45 ` Code sharing between system and home services (was Re: On the naming of System and Home services modules.) Maxime Devos
2021-10-04 14:32 ` Ludovic Courtès
2021-10-04 16:14 ` Maxime Devos
2021-10-06 13:12 ` Ludovic Courtès [this message]
2021-09-28 2:32 ` Maxim Cournoyer
2021-09-16 3:05 ` On the naming of System and Home services modules Ryan Prior
2021-09-16 8:50 ` Andrew Tropin
2021-09-17 13:43 ` pinoaffe
2021-09-23 20:10 ` Ludovic Courtès
2021-09-28 6:32 ` Andrew Tropin
2021-09-28 12:26 ` Ludovic Courtès
2021-09-28 13:48 ` Andrew Tropin
2021-09-28 19:36 ` Oleg Pykhalov
2021-10-02 14:22 ` Ludovic Courtès
2021-10-02 17:23 ` Oleg Pykhalov
2021-09-28 15:25 ` Xinglu Chen
2021-10-02 14:25 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874k9ujo0e.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=andrew@trop.in \
--cc=guix-devel@gnu.org \
--cc=maxim.cournoyer@gmail.com \
--cc=maximedevos@telenet.be \
--cc=public@yoctocell.xyz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).