From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-devel-bounces+larch=yhetil.org@gnu.org>
Received: from mp11.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms9.migadu.com with LMTPS
	id gOvOBlY1bmRpDAEASxT56A
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 24 May 2023 18:03:34 +0200
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp11.migadu.com with LMTPS
	id UJafBlY1bmSLcAEA9RJhRA
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 24 May 2023 18:03:34 +0200
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id EB54D1242E
	for <larch@yhetil.org>; Wed, 24 May 2023 18:03:33 +0200 (CEST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-devel-bounces@gnu.org>)
	id 1q1qwL-0000vf-EY; Wed, 24 May 2023 12:02:19 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <maxim.cournoyer@gmail.com>)
 id 1q1qvz-0000u5-Ns
 for guix-devel@gnu.org; Wed, 24 May 2023 12:01:55 -0400
Received: from mail-qt1-x829.google.com ([2607:f8b0:4864:20::829])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <maxim.cournoyer@gmail.com>)
 id 1q1qvx-0000d3-NS
 for guix-devel@gnu.org; Wed, 24 May 2023 12:01:55 -0400
Received: by mail-qt1-x829.google.com with SMTP id
 d75a77b69052e-3f6c6020cfbso3570021cf.2
 for <guix-devel@gnu.org>; Wed, 24 May 2023 09:01:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1684944111; x=1687536111;
 h=mime-version:user-agent:message-id:in-reply-to:date:references
 :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=O6BNJSNTXgNIN3D1D1bVM8VF21vQPCB4oDRRPvRJM4w=;
 b=OXrCjzN2aOf8aqew3vN2UKg0YpIaF6TyBe1bjeFyAQ5gDQ0nxYxYVxBz8tnQ2x/rSg
 Yz2sF2ya/QKNqj814x/TZKJSvdYL+c4aaenJ3Sw783yp8hS+BKyg59OV2D3s9xUlgnoG
 lHTDfIiYC92xjZfPPKNoRGSVcXl37WRhlrqzRU0C3B/VQcv+lQceH8OzzYZCsNPNST6+
 LyyipKKS7vZi6/ATszymsbFYxOKzYNaX5WCXsmnOwo4CGeEtId+ZiyKPHXzpnhNKadVL
 MJTfvmFYNwFQ3IgDIAbkXLTIsxyoWe9nzfyP7fSnHxDK9/jhJ5PZIUYN3kUKR+SJi5sy
 OF0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1684944111; x=1687536111;
 h=mime-version:user-agent:message-id:in-reply-to:date:references
 :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=O6BNJSNTXgNIN3D1D1bVM8VF21vQPCB4oDRRPvRJM4w=;
 b=kp50c+u1/kbTfkUNae9tbrq9IsesOs8e1PJV/sdQJUsb7IQ2+9mp1jEZRlxFSZ1Gpb
 FtHStVTQo5w2/0UjavSCh5b/EJ60DjevbX5O21gvAwJIdXpU1LhiJ/xJ/8VelNyfRPJJ
 vRFHPLZ33fcmZMg2NU61YSzGGjbg8dIp4ksqXmdvZ36IczafJkBxjbeTGFkwwxH/d9ov
 8ZzNGXQqf1N/QgJaNlhaEr0EczopcKQE8TnYN2F4Jwi4e1nYYtFORk1UAHDokZh8dLGB
 YUgqMMxMk+FgeQrMr/97CDKId3Ut7rXZjBi62T22hJuz04dS4ZJfLzsEcKeum8X4NOcd
 5UYw==
X-Gm-Message-State: AC+VfDxfRJK56x5KOnQTFnlNdLTUD1t62pxyt+Jl6yZ6D8xDcPhIiAHs
 K4CacEO0oMjk3XUCAYnJQCgUqm+a+Y+uug==
X-Google-Smtp-Source: ACHHUZ4tsDdo5j+bomuQMThaDj6ef9BkQyykJLj4Vsd+kVU6A5Czw3dndLLh4CX5OWwdFnyr+yMtKg==
X-Received: by 2002:a05:622a:20c:b0:3e6:4d56:448c with SMTP id
 b12-20020a05622a020c00b003e64d56448cmr27948084qtx.30.1684944111258; 
 Wed, 24 May 2023 09:01:51 -0700 (PDT)
Received: from hurd (dsl-10-133-118.b2b2c.ca. [72.10.133.118])
 by smtp.gmail.com with ESMTPSA id
 r4-20020ac87ee4000000b003b9b8ec742csm2393838qtc.14.2023.05.24.09.01.50
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 24 May 2023 09:01:50 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: muradm <mail@muradm.net>
Cc: guix-devel@gnu.org
Subject: Re: Enabling PAM support or not only..
References: <87r0r78sul.fsf@muradm.net>
Date: Wed, 24 May 2023 12:01:49 -0400
In-Reply-To: <87r0r78sul.fsf@muradm.net> (muradm's message of "Tue, 23 May
 2023 08:24:50 +0300")
Message-ID: <87v8ghhg5u.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Received-SPF: pass client-ip=2607:f8b0:4864:20::829;
 envelope-from=maxim.cournoyer@gmail.com; helo=mail-qt1-x829.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: guix-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org
Sender: guix-devel-bounces+larch=yhetil.org@gnu.org
X-Migadu-Country: US
X-Migadu-Flow: FLOW_IN
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1684944214; a=rsa-sha256; cv=none;
	b=dDwe1o6dhAZPMCETgdq9iRgwcPNrJT0PNjG6Hiata7f2XrtIawzZenvYTDPI+q3iGU0/hU
	xWA2BPqsiwIr/JCf+wefXO1uI93Qd3Wg3nCzz5SsFxUhN/LKGUwJq+JbYRDpwJTBx3bXLZ
	eGcWqi4MNK9wamZOqAzu+bNeWVWgvB7Hjb2I7nCcQcx1wQrbxcHCEExCEA/E13GGX/KTF1
	Rs/UOQrDvSiD4iLXQGq8OBSBllt895ekMar5Zg6Z6mo7kqoGDrUSON45ZFNajDzNNRH6jq
	8b2VmbVSNhY9eOgHdiqQ2xHJPmWgceEzenCBRRF0ckrz3eLOqefWro27/tiJ9Q==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20221208 header.b=OXrCjzN2;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1684944214;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=O6BNJSNTXgNIN3D1D1bVM8VF21vQPCB4oDRRPvRJM4w=;
	b=QhaQxjsup5Ivmy2xf/yENm1GxgUTxCJru470wF2l1ar+3GQrq1eubKQZ042O/4WTZbt6f7
	Srlom7nbOWFORXkCerwsgYy9UEOFFIld72w67ClAqJkaAlgwf1alJBSdRrAOV0kHIxLLyw
	6iRVO4slpfAoT3T07faZ5Pqu1urGEvZqV5L4R/Q1ZuolZdEjtkk51H/i+Z4ysiiT2ZlY40
	dqMF8GE6mdu/OL3xEwAAHBLp4pkJvddggMgu0Gq1CiWIIWnkPeJ7thHK1IYaTWuVHDp4S9
	XT/SdwNcv8D53ZyzxRwXgDuRuSeHnDiPw25FDIBVVVTH7qwom26NEDg49yIc5Q==
X-Migadu-Spam-Score: -10.37
X-Spam-Score: -10.37
X-Migadu-Queue-Id: EB54D1242E
X-Migadu-Scanner: scn0.migadu.com
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20221208 header.b=OXrCjzN2;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"
X-TUID: RPd32rL5LFgM

Hi Muradm,

muradm <mail@muradm.net> writes:

[...]

> core-updates merging commit 3bacd3c76a added linux-pam to cups
> package. Resulting in https://issues.guix.gnu.org/issue/63198.
> While switching cups-service-type's default package from cups
> to cups-minimal solves authentication issue, it however
> broke ipptool printer finder tool. When PAM support is
> compiled in, it does not work without proper PAM entry.
>
> While workaround could be as simple as:
>
> +(simple-service
> + 'cups-pam-service
> + pam-root-service-type
> + (list (unix-pam-service "cups" #:allow-empty-passwords? #f)))
>
>
> Total solution could be:
> https://issues.guix.gnu.org/issue/63198#4

Now applied, thanks.

>
> swaylock with screen-locker-service-type:
>
> commit 146bae3979 added linux-pam to swaylock package. Resulting
> in https://issues.guix.gnu.org/issue/63357#2.
>
> While workaround could be as simple as:
>
> -(service screen-locker-service-type
> -         (screen-locker-configuration
> -          "swaylock" (file-append swaylock "/bin/swaylock") 
>            #f)))))
> +(simple-service
> + 'cups-pam-service
> + pam-root-service-type
> + (list (unix-pam-service "cups" #:allow-empty-passwords? #f)))
>
> Detailed explanation with total solution is provided in
> https://issues.guix.gnu.org/issue/63652.
>
>
> The following coming afterwards to my mind:
>
> GUIX at first is package manager, so there are a lot of them,
> but of two types:
>   - BOUND - ones referenced from (gnu system) (gnu services)
>   - FREE-STANDING - ones not referenced

I don't know about swaylock, but for CUPS, the change was strictly
required; you can't build the full CUPS without PAM anymore, I think.  I
had tried as a possible solution to the PAM problems.

So the distinction between bound and free-standing in this context is
not very useful (when the changes are forced by upstream rather than
chosen by the contributors).  What would be useful though is increasing
our test coverage to catch these issues.

-- 
Thanks,
Maxim