From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id AKGNJkhfBGClRAAA0tVLHw (envelope-from ) for ; Sun, 17 Jan 2021 16:01:12 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id kFuDIkhfBGAocgAAB5/wlQ (envelope-from ) for ; Sun, 17 Jan 2021 16:01:12 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 2CB5F9403AC for ; Sun, 17 Jan 2021 16:01:12 +0000 (UTC) Received: from localhost ([::1]:56998 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1l1AUJ-00007O-5C for larch@yhetil.org; Sun, 17 Jan 2021 11:01:11 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:54374) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l1AUA-00005n-B6 for guix-patches@gnu.org; Sun, 17 Jan 2021 11:01:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:33967) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1l1AUA-0000jw-20 for guix-patches@gnu.org; Sun, 17 Jan 2021 11:01:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1l1AUA-0004Br-0i for guix-patches@gnu.org; Sun, 17 Jan 2021 11:01:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#45937] [PATCH] gnu: php-fpm: Ensure no duplicate group. Resent-From: Julien Lepiller Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 17 Jan 2021 16:01:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 45937 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 45937@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.161089921816030 (code B ref -1); Sun, 17 Jan 2021 16:01:01 +0000 Received: (at submit) by debbugs.gnu.org; 17 Jan 2021 16:00:18 +0000 Received: from localhost ([127.0.0.1]:45513 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l1ATS-0004AU-8F for submit@debbugs.gnu.org; Sun, 17 Jan 2021 11:00:18 -0500 Received: from lists.gnu.org ([209.51.188.17]:50030) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l1ATR-0004AN-4F for submit@debbugs.gnu.org; Sun, 17 Jan 2021 11:00:17 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:54212) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l1ATQ-0007vH-He for guix-patches@gnu.org; Sun, 17 Jan 2021 11:00:16 -0500 Received: from lepiller.eu ([2a00:5884:8208::1]:56532) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l1ATO-0000HL-D3 for guix-patches@gnu.org; Sun, 17 Jan 2021 11:00:16 -0500 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id f63805f2 for ; Sun, 17 Jan 2021 16:00:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lepiller.eu; h=date:from :to:subject:message-id:mime-version:content-type; s=dkim; bh=OXP mqMC2IIeMmCgA6VdSc9dIfxCsUhxV2JG5Sf//DLQ=; b=OmwXxc2c28lhROpyxX4 xbKP+74sjwj5YQY+qjNRkJWUKVUbnEWYe3VT8UoHJvlMoZ9cDRrtFXRC1c8FH6JT 8GwsfTTt701Z+4MBBc8r2wngFdIUiKi9MlDI4tHpQiF5fWejLgGcl3+W+awnxgDa eKvHOR0RLUrl2nHE29QYvXvJhBgDU5r3aTRwd6Tl3xPFBMRP/Zbi8ceIErXnd8gL YyBBjvkPefPtYZN1zqQVoZZj27B6WIez1lOkloZ07bouFViMLwBkQeL5pNdsdX2G dDYBqyjsq57SQ6SnMmCME9u71bNAbgxTrpAj+NPpNGIUhLEJ8c6Xxo3D59lNY/Sa qrA== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id 5e8242a7 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Sun, 17 Jan 2021 16:00:07 +0000 (UTC) Date: Sun, 17 Jan 2021 17:00:00 +0100 From: Julien Lepiller Message-ID: <20210117170000.718e6062@tachikoma.lepiller.eu> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="MP_/EbqchSEe21ZQaovEK==837K" Received-SPF: pass client-ip=2a00:5884:8208::1; envelope-from=julien@lepiller.eu; helo=lepiller.eu X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -1.26 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lepiller.eu header.s=dkim header.b=OmwXxc2c; dmarc=fail reason="SPF not aligned (relaxed)" header.from=lepiller.eu (policy=none); spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 2CB5F9403AC X-Spam-Score: -1.26 X-Migadu-Scanner: scn0.migadu.com X-TUID: mIPf8gtfJowV --MP_/EbqchSEe21ZQaovEK==837K Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi Guix! When updating my system, I noticed there was a duplicate php-fpm group. The reason is that by default, the group is php-fpm, and the accounts list contains php-fpm and the configured group. I'm not sure why, but the hardcoded php-fpm group seems to be used by the user as a supplementary group. This patch only adds the php-fpm group when the configured group is not already php-fpm. If you think it'd be better, we could also simply remove the hard-coded php-fpm group and the supplementary group from the php-fpm user. --MP_/EbqchSEe21ZQaovEK==837K Content-Type: text/x-patch Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=0001-gnu-php-fpm-Ensure-no-duplicate-group.patch >From d50e84c66d9cc9fa027035b9265e80ecab22aa00 Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Sat, 16 Jan 2021 20:42:32 +0100 Subject: [PATCH] gnu: php-fpm: Ensure no duplicate group. * gnu/services/web.scm (php-fpm-accounts): Ensure `php-fpm` group is not duplicated. --- gnu/services/web.scm | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/gnu/services/web.scm b/gnu/services/web.scm index 855f4e649b..f8dc621614 100644 --- a/gnu/services/web.scm +++ b/gnu/services/web.scm @@ -922,19 +922,20 @@ of index files." (define php-fpm-accounts (match-lambda (($ php socket user group socket-user socket-group _ _ _ _ _ _) - (list - (user-group (name "php-fpm") (system? #t)) - (user-group - (name group) - (system? #t)) - (user-account - (name user) - (group group) - (supplementary-groups '("php-fpm")) - (system? #t) - (comment "php-fpm daemon user") - (home-directory "/var/empty") - (shell (file-append shadow "/sbin/nologin"))))))) + `(,@(if (equal? group "php-fpm") + '() + (list (user-group (name "php-fpm") (system? #t)))) + ,(user-group + (name group) + (system? #t)) + ,(user-account + (name user) + (group group) + (supplementary-groups '("php-fpm")) + (system? #t) + (comment "php-fpm daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))))) (define (default-php-fpm-config socket user group socket-user socket-group pid-file log-file pm display-errors timezone workers-log-file) -- 2.30.0 --MP_/EbqchSEe21ZQaovEK==837K--