From: Attila Lendvai <attila@lendvai.name>
To: Felix Lechner <felix.lechner@lease-up.com>
Cc: guix-devel <guix-devel@gnu.org>
Subject: Re: shepherd service, unexplained permission errors
Date: Thu, 29 Jun 2023 07:42:06 +0000 [thread overview]
Message-ID: <uX_8566cbbxNuGHAt8j7XELkLaNR87U2aLRJ3HqXP_ONBV_EbfIod34TzwW9lEgs6OWnIdIfQMtAFZJyd7oPWOUy2_UWTh58IKqsoosSCEM=@lendvai.name> (raw)
In-Reply-To: <CAFHYt57GorwRtB4cR5m-kK19VFRhnfuscO9CXTHjE_Dm8ET9ug@mail.gmail.com>
thank you Felix!
the broken expectation from me was that users "have" a group and supplementar-groups (as suggested by the (user-account #:group ...) constructor), and if i specify the user to fork+exec-command, then it sets "its" group, too (i tried with and without specifying a #:group).
in retrospect it should have been obvious, because the fork+exec-command API is on the abstraction level of linux, not that of guix.
the solution that works now is essentially:
(fork+exec-command
cmd
#:user "zigbee2mqtt"
#:group '#$(user-account-group *zigbee2mqtt-user*)
#:supplementary-groups
'#$(user-account-supplementary-groups *zigbee2mqtt-user*))
thanks again,
--
• attila lendvai
• PGP: 963F 5D5F 45C7 DFCD 0A39
--
“Enlightenment is man's leaving his self-caused immaturity. Immaturity is the incapacity to use one's intelligence without the guidance of another.”
— Immanuel Kant (1724–1804)
prev parent reply other threads:[~2023-06-29 7:42 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-28 20:27 shepherd service, unexplained permission errors Attila Lendvai
2023-06-28 20:56 ` Felix Lechner via Development of GNU Guix and the GNU System distribution.
2023-06-29 7:42 ` Attila Lendvai [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='uX_8566cbbxNuGHAt8j7XELkLaNR87U2aLRJ3HqXP_ONBV_EbfIod34TzwW9lEgs6OWnIdIfQMtAFZJyd7oPWOUy2_UWTh58IKqsoosSCEM=@lendvai.name' \
--to=attila@lendvai.name \
--cc=felix.lechner@lease-up.com \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).