From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id WF2+HfZ0QGamCQAAqHPOHw:P1 (envelope-from ) for ; Sun, 12 May 2024 09:51:18 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:58f0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id WF2+HfZ0QGamCQAAqHPOHw (envelope-from ) for ; Sun, 12 May 2024 09:51:18 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1715500278; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=nS3k9vXV6zDqrbVLSgEL1W42bnMuZBgG+rsE9buUHQw=; b=FcNcNajLM9265GKjM4ENAEiQPuu6O4Y0KscCGf4t9RJHP+a7fltgTLFY+//uvm+yG/JgbA n15AptyDrIK4u+N9VcVSCrQQS/2qf+qeYkr90Dv0PdR3bSZMQqx4/27f27OD/QCiN8DEiz 8/QIFFybnHWevjCLPdxyrCRfXkhZQI5AM3vFd8vGPwXdNsXcEia3hAufIdhyX3DNA3My/h dTZnq1YgS+Q6B/iUSAVL6A9Tk3Nofu7r6c7ix/MkFS6sFmhis9tDdcyXvHtlLbtFoO5ytR apMvO3Y5gvEgPl9TjYQPWsi8NzWcsbI8zAUpNFG2yOKkhflBZUvJlpv0P82U/g== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1715500278; a=rsa-sha256; cv=none; b=Ih561ICNgHjaC6k9SL+h1uBDyAPK8mySUuhRzo2nULwiRT3e3ZIHOqsjdEA4nare+F4dRm uNtW3gOXzMkpP/thUlP8trGD/8HMUbG963a+Yq4lXJMc6j1X6fDhBB9WYa1kpQXWUZvqPt Y2J1aEVrVDiijBL0bNHgzo8qWOGsyQ5qjTiR4/sbqG0YqfPMlBqRj64yCXl1uwn3N8DpRr 84C/0VYum4vHWp1LjVtwUPaWBemtCHi3HPYyKrYQ4uZtHyBca0fmvcHBt7aZXH0p6cUXe2 cxpoxn7rKC/eZV2zBwaHVzetajnpuLZBAkAePUn/MC3xNtwxvmW0i8aztebeMQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 3DF707316E for ; Sun, 12 May 2024 09:51:17 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1s63yo-0000wI-3L; Sun, 12 May 2024 03:50:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s63yc-0000sO-Cq for guix-devel@gnu.org; Sun, 12 May 2024 03:50:36 -0400 Received: from 8.mo575.mail-out.ovh.net ([46.105.74.219]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s63yH-00047h-Sa for guix-devel@gnu.org; Sun, 12 May 2024 03:50:33 -0400 Received: from director9.ghost.mail-out.ovh.net (unknown [10.109.139.72]) by mo575.mail-out.ovh.net (Postfix) with ESMTP id 4VcZXf04zvz1M58 for ; Sun, 12 May 2024 07:50:09 +0000 (UTC) Received: from ghost-submission-6684bf9d7b-qz7wg (unknown [10.110.113.182]) by director9.ghost.mail-out.ovh.net (Postfix) with ESMTPS id 6FADA1FE87; Sun, 12 May 2024 07:50:08 +0000 (UTC) Received: from ngraves.fr ([37.59.142.95]) by ghost-submission-6684bf9d7b-qz7wg with ESMTPSA id lRGjFrB0QGZHnCgAjabMww (envelope-from ); Sun, 12 May 2024 07:50:08 +0000 X-OVh-ClientIp: 176.191.136.151 To: Eli Zaretskii Cc: monnier@iro.umontreal.ca, ludo@gnu.org, emacs-devel@gnu.org, andrew@trop.in, guix-devel@gnu.org, bjorn.bidar@thaodan.de, rudi@constantly.at, felix.lechner@lease-up.com Subject: Re: [Nicolas Graves] [PATCH v6 01/10] rde: emacs: Start emacs in --daemon mode, with shepherd and pid-file In-Reply-To: <86bk5b1r1i.fsf@gnu.org> References: <20240410234923.29319-2-ngraves@ngraves.fr> <875xwotg35.fsf@trop.in> <87zfu0m9ps.fsf@ngraves.fr> <87jzl22u5w.fsf@gnu.org> <87frvp4a4u.fsf@ngraves.fr> <87msow5cm8.fsf@ngraves.fr> <87msow7xrs.fsf@ngraves.fr> <86bk5b1r1i.fsf@gnu.org> Date: Sun, 12 May 2024 09:50:06 +0200 Message-ID: <87cyprbhap.fsf@ngraves.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Ovh-Tracer-Id: 8408501982761640488 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedvledrvdeguddgudduudcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvfevufgjfhffkfggtgfgsehtqhertddttdejnecuhfhrohhmpefpihgtohhlrghsucfirhgrvhgvshcuoehnghhrrghvvghssehnghhrrghvvghsrdhfrheqnecuggftrfgrthhtvghrnhepfeevudetvdegjeetiedvjedtgffhhfetfefhudegkeeuvddvtdevieetfedvvdegnecuffhomhgrihhnpehmrghsthhoughonhdrshhotghirghlpdhgihhthhhusgdrtghomhdpfhhrvggvuggvshhkthhophdrohhrghenucfkphepuddvjedrtddrtddruddpudejiedrudeluddrudefiedrudehuddpfeejrdehledrudegvddrleehnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepuddvjedrtddrtddruddpmhgrihhlfhhrohhmpehnghhrrghvvghssehnghhrrghvvghsrdhfrhdpnhgspghrtghpthhtohepuddprhgtphhtthhopehguhhigidquggvvhgvlhesghhnuhdrohhrghdpoffvtefjohhsthepmhhoheejhedpmhhouggvpehsmhhtphhouhht Received-SPF: pass client-ip=46.105.74.219; envelope-from=ngraves@ngraves.fr; helo=8.mo575.mail-out.ovh.net X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Nicolas Graves From: Nicolas Graves via "Development of GNU Guix and the GNU System distribution." Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -3.88 X-Spam-Score: -3.88 X-Migadu-Queue-Id: 3DF707316E X-Migadu-Scanner: mx11.migadu.com X-TUID: xaMi2n330pWl On 2024-05-12 09:29, Eli Zaretskii wrote: >> Cc: Ludovic Court=C3=A8s , emacs-devel@gnu.org, >> Andrew Tropin , guix-devel@gnu.org, bjorn.bidar@thaodan= .de, >> rudi@constantly.at, felix.lechner@lease-up.com >> Date: Sun, 12 May 2024 01:07:51 +0200 >> From: Nicolas Graves via "Emacs development discussions." >>=20 >> A lightly cleaned-up version attached. > > Thanks. What was the motivation for this, again? A light summary (all is in the preceding exchanges in the mailing list): - Ludovic Court=C3=A8s suggested this change because linking with systemd is unnecessary (very light usage), and increases the attack surface. - Rudolf Schlatte highlights that Lennart Poettering says that the notify protocol is stable and independent of libsystemd. https://mastodon.social/@pid_eins/112202687764571433 https://mastodon.social/@pid_eins/112202696589971319 This mastondon thread itself contains a lot of info/answers about this, including examples of similar work on other projects: - https://github.com/FRRouting/frr/pull/8508 - https://github.com/OISF/suricata/pull/10757 Lennart Poettering also says that the protocol has been stable for a decade and will surely be for at least another decade. This should also answer the worry about significant maintenance. What I'm less confident about is edge cases as I highlighted earlier (are there cases where systemd's safe_atoi is necessary compared to strtol ? Is it fine if LISTEN_FDS is set but LISTEN_PID unset, or should be check for LISTEN_PID definition too ?) > >> configure.ac | 19 +------ >> lib/Makefile.in | 2 +- >> lib/gnulib.mk.in | 2 - >> lib/sd-socket.c | 137 +++++++++++++++++++++++++++++++++++++++++++++++ >> lib/sd-socket.h | 57 ++++++++++++++++++++ >> msdos/sed1v2.inp | 3 -- >> src/Makefile.in | 9 ++-- >> src/deps.mk | 2 +- >> src/emacs.c | 50 ++++++++--------- >> 9 files changed, 226 insertions(+), 55 deletions(-) >> create mode 100644 lib/sd-socket.c >> create mode 100644 lib/sd-socket.h > > Your code is not from Gnulib, so it is wrong to place it in lib/. It > should be in src/, and probably just an addition to sysdep.c. Then > many of the changes to the build infrastructure will not be needed. Thanks, I'll place that there. > >> -HAVE_LIBSYSTEMD=3Dno >> -if test "${with_libsystemd}" =3D "yes" ; then >> - dnl This code has been tested with libsystemd 222 and later. >> - dnl FIXME: Find the earliest version number for which Emacs should wo= rk, >> - dnl and change '222' to that number. >> - EMACS_CHECK_MODULES([LIBSYSTEMD], [libsystemd >=3D 222], >> - [HAVE_LIBSYSTEMD=3Dyes], [HAVE_LIBSYSTEMD=3Dno]) >> - if test "${HAVE_LIBSYSTEMD}" =3D "yes"; then >> - AC_DEFINE([HAVE_LIBSYSTEMD], [1], [Define if using libsystemd.]) >> - fi >> -fi >> - >> -AC_SUBST([LIBSYSTEMD_LIBS]) >> -AC_SUBST([LIBSYSTEMD_CFLAGS]) > > This test should be replaced by a test to determine whether the > systemd interface should be compiled into Emacs. Not all of the > supported platform can use it, so we need to determine that at > configure time. > Thanks, will do. >> - >> HAVE_JSON=3Dno >> JSON_OBJ=3D >>=20=20 >> @@ -6652,7 +6636,7 @@ AC_DEFUN >> optsep=3D >> emacs_config_features=3D >> for opt in ACL BE_APP CAIRO DBUS FREETYPE GCONF GIF GLIB GMP GNUTLS GPM= GSETTINGS \ >> - HARFBUZZ IMAGEMAGICK JPEG JSON LCMS2 LIBOTF LIBSELINUX LIBSYSTEMD LIBX= ML2 \ >> + HARFBUZZ IMAGEMAGICK JPEG JSON LCMS2 LIBOTF LIBSELINUX LIBXML2 \ >> M17N_FLT MODULES NATIVE_COMP NOTIFY NS OLDXMENU PDUMPER PGTK PNG RSVG = SECCOMP \ >> SOUND SQLITE3 THREADS TIFF TOOLKIT_SCROLL_BARS TREE_SITTER \ >> UNEXEC WEBP X11 XAW3D XDBE XFT XIM XINPUT2 XPM XWIDGETS X_TOOLKIT \ >> @@ -6721,7 +6705,6 @@ AC_DEFUN >> Does Emacs use -lm17n-flt? ${HAVE_M17N_F= LT} >> Does Emacs use -lotf? ${HAVE_LIBOTF} >> Does Emacs use -lxft? ${HAVE_XFT} >> - Does Emacs use -lsystemd? ${HAVE_LIBSYS= TEMD} >> Does Emacs use -ljansson? ${HAVE_JSON} >> Does Emacs use -ltree-sitter? ${HAVE_TREE_S= ITTER} >> Does Emacs use the GMP library? ${HAVE_GMP} > > The above summary of the configuration should still call out the > result of the configure test for systemd interface, and I think the > list of features should include some string which tells us whether > systemd interface is supported. Understood.=20 > >> -#ifdef HAVE_LIBSYSTEMD >> /* Read the number of sockets passed through by systemd. */ >> - int systemd_socket =3D sd_listen_fds (1); >> - >> - if (systemd_socket > 1) >> - fputs (("\n" >> - "Warning: systemd passed more than one socket to Emacs.\n" >> - "Try 'Accept=3Dfalse' in the Emacs socket unit file.\n"), >> - stderr); >> - else if (systemd_socket =3D=3D 1 >> - && (0 < sd_is_socket (SD_LISTEN_FDS_START, >> - AF_UNSPEC, SOCK_STREAM, 1))) >> - sockfd =3D SD_LISTEN_FDS_START; >> -#endif /* HAVE_LIBSYSTEMD */ >> + const char *fds =3D getenv("LISTEN_FDS"); >> + if (fds) { >> + int systemd_socket =3D strtol(fds, NULL, 0); >> + if (systemd_socket > 1) >> + fputs (("\n" >> + "Warning: systemd passed more than one socket to Emacs.\n" >> + "Try 'Accept=3Dfalse' in the Emacs socket unit file.\n"), >> + stderr); >> + else if (systemd_socket =3D=3D 1 >> + && (0 < sd_is_socket (SD_LISTEN_FDS_START, SOCK_STREAM, 1))) >> + sockfd =3D SD_LISTEN_FDS_START; >> + } > > The new code to interface with systemd cannot be compiled > unconditionally, it should have some #ifdef condition, determined by > the configure script, because not all the platforms we support can use > systemd. Same point. > >> @@ -2857,12 +2854,15 @@ DEFUN ("kill-emacs", Fkill_emacs, Skill_emacs, 0= , 2, "P", >> } >> #endif >>=20=20 >> -#ifdef HAVE_LIBSYSTEMD >> /* Notify systemd we are shutting down, but only if we have notified >> it about startup. */ >> - if (daemon_type =3D=3D -1) >> - sd_notify(0, "STOPPING=3D1"); >> -#endif /* HAVE_LIBSYSTEMD */ >> + if (daemon_type =3D=3D -1){ >> + int r =3D sd_notify_stopping(); >> + if (r < 0) { >> + fprintf(stderr, "Failed to report termination to $NOTIFY_SOCKET: = %s\n", strerror(-r)); >> + exit (EXIT_FAILURE); >> + } >> + } > > Same here. > >> /* Fsignal calls emacs_abort () if it sees that waiting_for_input is >> set. */ >> @@ -3382,9 +3382,11 @@ DEFUN ("daemon-initialized", Fdaemon_initialized,= Sdaemon_initialized, 0, 0, 0, >>=20=20 >> if (daemon_type =3D=3D 1) >> { >> -#ifdef HAVE_LIBSYSTEMD >> - sd_notify(0, "READY=3D1"); >> -#endif /* HAVE_LIBSYSTEMD */ >> + int r =3D sd_notify_ready(); >> + if (r < 0) { >> + fprintf(stderr, "Failed to notify readiness to $NOTIFY_SOCKET: %s\n", = strerror(-r)); >> + exit (EXIT_FAILURE); >> + } >> } > > And here. > >> > Seems to work properly on my side with the following patch, on Guix wi= th >> > the shepherd service I sent a few weeks ago. The patch is actually >> > pretty simple. > > How sure we are that the code you wrote will not need any significant > maintenance due to changes in how systemd works? The significant > advantage of using libsystemd is that the systemd developers take care > of updating it as needed. With these changes, that burden is now on > us. I don't think we'd be happy maintaining system-level code that > have very little relevance to Emacs. > >> > - The sd_notify code is taken from >> > https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html#= Notes > > I'm not sure what would be the legal aspects of such code borrowing. The code is given as MIT-0, hence also the two different licenses for the two functions sd_notify and sd_is_socket. Not an expert on licenses either, but with a proper flag about what this function's license is, I guess it should be fine, since other projects also do that. --=20 Best regards, Nicolas Graves