* Why is the default $HOME /homeless-shelter?
@ 2019-11-17 0:55 Jesse Gibbons
2019-11-17 21:39 ` Ludovic Courtès
0 siblings, 1 reply; 5+ messages in thread
From: Jesse Gibbons @ 2019-11-17 0:55 UTC (permalink / raw)
To: guix-devel mailing list
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Why is the default $HOME /homeless-shelter?
2019-11-17 0:55 Why is the default $HOME /homeless-shelter? Jesse Gibbons
@ 2019-11-17 21:39 ` Ludovic Courtès
2019-11-17 22:58 ` Jesse Gibbons
0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2019-11-17 21:39 UTC (permalink / raw)
To: Jesse Gibbons; +Cc: guix-devel mailing list
Hi!
Because it’s always been this way! :-)
This is inherited from Nix. The rationale is that there’s no home
directory in build environments, and perhaps Eelco Dolstra and others
back then found that setting ‘HOME’ to a non-existing directory broke
fewer builds that leaving it unset.
HTH,
Ludo’.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Why is the default $HOME /homeless-shelter?
2019-11-17 21:39 ` Ludovic Courtès
@ 2019-11-17 22:58 ` Jesse Gibbons
2019-11-18 12:15 ` Clément Lassieur
0 siblings, 1 reply; 5+ messages in thread
From: Jesse Gibbons @ 2019-11-17 22:58 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel mailing list
On Sun, 2019-11-17 at 22:39 +0100, Ludovic Courtès wrote:
> Hi!
>
> Because it’s always been this way! :-)
>
> This is inherited from Nix. The rationale is that there’s no home
> directory in build environments, and perhaps Eelco Dolstra and others
> back then found that setting ‘HOME’ to a non-existing directory broke
> fewer builds that leaving it unset.
>
> HTH,
> Ludo’.
Is this documented or speculation? What packages could break if $HOME is set
to somewhere in /tmp?
Considering these packages are usually written without knowing GuixSD
exists, if a package install script depends on HOME I would think it would
try to use $HOME as a directory expecting it to exist. Since it is
/homeless-shelter by default, and /homeless-shelter does not exist on a
default GuixSD install, we observe that most of the packages that depend on
HOME need to be modified to set HOME, and the location of the new HOME is
often inconsistently decided.
If it is documented, I will admit defeat.
If the reason Nix doesn't set HOME isn't documented, I think I will try
setting HOME to a subdirectory of /tmp taking the target's hash and name
into account. If that doesn't break anything, I think I will send a patch
for core-updates. I would expect the patch to trigger a mass rebuild of
every package. Hopefully that can be tested rigorously before core-updates
is merged into master, and we will no longer need to change HOME when an
install script depends on it.
If anyone objects, please respond sooner rather than later.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Why is the default $HOME /homeless-shelter?
2019-11-17 22:58 ` Jesse Gibbons
@ 2019-11-18 12:15 ` Clément Lassieur
2019-11-23 17:33 ` Ludovic Courtès
0 siblings, 1 reply; 5+ messages in thread
From: Clément Lassieur @ 2019-11-18 12:15 UTC (permalink / raw)
To: Jesse Gibbons; +Cc: guix-devel
Hi Jesse,
Jesse Gibbons <jgibbons2357@gmail.com> writes:
> On Sun, 2019-11-17 at 22:39 +0100, Ludovic Courtès wrote:
>> Hi!
>>
>> Because it’s always been this way! :-)
>>
>> This is inherited from Nix. The rationale is that there’s no home
>> directory in build environments, and perhaps Eelco Dolstra and others
>> back then found that setting ‘HOME’ to a non-existing directory broke
>> fewer builds that leaving it unset.
>>
>> HTH,
>> Ludo’.
> Is this documented or speculation? What packages could break if $HOME is set
> to somewhere in /tmp?
>
> Considering these packages are usually written without knowing GuixSD
> exists, if a package install script depends on HOME I would think it would
> try to use $HOME as a directory expecting it to exist. Since it is
> /homeless-shelter by default, and /homeless-shelter does not exist on a
> default GuixSD install, we observe that most of the packages that depend on
> HOME need to be modified to set HOME, and the location of the new HOME is
> often inconsistently decided.
>
> If it is documented, I will admit defeat.
>
> If the reason Nix doesn't set HOME isn't documented, I think I will try
> setting HOME to a subdirectory of /tmp taking the target's hash and name
> into account. If that doesn't break anything, I think I will send a patch
> for core-updates. I would expect the patch to trigger a mass rebuild of
> every package. Hopefully that can be tested rigorously before core-updates
> is merged into master, and we will no longer need to change HOME when an
> install script depends on it.
>
> If anyone objects, please respond sooner rather than later.
It is documented there: https://nixos.org/nix/manual/#ssec-derivation
--8<---------------cut here---------------start------------->8---
HOME is set to /homeless-shelter to prevent programs from using
/etc/passwd or the like to find the user's home directory, which could
cause impurity. Usually, when HOME is set, it is used as the location of
the home directory, even if it points to a non-existent path.
--8<---------------cut here---------------end--------------->8---
and there:
https://nixos.org/nixos/nix-pills/working-derivation.html#idm140737316220720
--8<---------------cut here---------------start------------->8---
$HOME is not your home directory, and /homeless-shelter doesn't exist at
all. We force packages not to depend on $HOME during the build process.
--8<---------------cut here---------------end--------------->8---
and there:
https://github.com/NixOS/nix/blob/258897c265a6d6575f1669a896ab6f5ab92337c3/src/libstore/build.cc#L1694
--8<---------------cut here---------------start------------->8---
Set HOME to a non-existing path to prevent certain programs from using
/etc/passwd (or NIS, or whatever) to locate the home directory (for
example, wget looks for ~/.wgetrc). I.e., these tools use /etc/passwd
if HOME is not set, but they will just assume that the settings file
they are looking for does not exist if HOME is set but points to some
non-existing path.
--8<---------------cut here---------------end--------------->8---
There's even a commit to complain if that directory exists:
https://github.com/NixOS/nix/commit/258897c265a6d6575f1669a896ab6f5ab92337c3#diff-267a6391980cbd9a743958945ff44ef9
--8<---------------cut here---------------start------------->8---
if (pathExists(homeDir))
throw Error(format("directory `%1%' exists; please remove it") % homeDir);
--8<---------------cut here---------------end--------------->8---
Clément
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Why is the default $HOME /homeless-shelter?
2019-11-18 12:15 ` Clément Lassieur
@ 2019-11-23 17:33 ` Ludovic Courtès
0 siblings, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2019-11-23 17:33 UTC (permalink / raw)
To: Clément Lassieur; +Cc: guix-devel, Jesse Gibbons
Hi Clément,
Thanks for researching this!
clement@lassieur.org (Clément Lassieur) skribis:
> https://github.com/NixOS/nix/blob/258897c265a6d6575f1669a896ab6f5ab92337c3/src/libstore/build.cc#L1694
>
> Set HOME to a non-existing path to prevent certain programs from using
> /etc/passwd (or NIS, or whatever) to locate the home directory (for
> example, wget looks for ~/.wgetrc). I.e., these tools use /etc/passwd
> if HOME is not set, but they will just assume that the settings file
> they are looking for does not exist if HOME is set but points to some
> non-existing path.
I think this rationale predates chrooted builds or at least their
widespread use (last I checked chrooted builds were still not the
default for Nix):
https://github.com/NixOS/nix/commit/a88144215c263e62528108dfae1e781058344ef2
Ludo’.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-11-23 17:33 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-11-17 0:55 Why is the default $HOME /homeless-shelter? Jesse Gibbons
2019-11-17 21:39 ` Ludovic Courtès
2019-11-17 22:58 ` Jesse Gibbons
2019-11-18 12:15 ` Clément Lassieur
2019-11-23 17:33 ` Ludovic Courtès
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).