From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-patches-bounces+larch=yhetil.org@gnu.org>
Received: from mp10.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms0.migadu.com with LMTPS
	id SK5cKqA7VWJRXgEAgWs5BA
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 12 Apr 2022 10:43:12 +0200
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp10.migadu.com with LMTPS
	id OBhaI6A7VWJJIAEAG6o9tA
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 12 Apr 2022 10:43:12 +0200
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 26B011BD14
	for <larch@yhetil.org>; Tue, 12 Apr 2022 10:43:12 +0200 (CEST)
Received: from localhost ([::1]:55942 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	id 1neC7C-0001Pg-2R
	for larch@yhetil.org; Tue, 12 Apr 2022 04:43:10 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:42718)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1neC74-0001PY-3U
 for guix-patches@gnu.org; Tue, 12 Apr 2022 04:43:02 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:53558)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1neC73-000495-KE
 for guix-patches@gnu.org; Tue, 12 Apr 2022 04:43:01 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1neC73-0004nJ-If
 for guix-patches@gnu.org; Tue, 12 Apr 2022 04:43:01 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#54811] [PATCH 0/3] Support socket activation in 'guix publish'
 and 'guix-daemon'
Resent-From: Maxime Devos <maximedevos@telenet.be>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Tue, 12 Apr 2022 08:43:01 +0000
Resent-Message-ID: <handler.54811.B54811.164975293718362@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 54811
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: 54811@debbugs.gnu.org
Received: via spool by 54811-submit@debbugs.gnu.org id=B54811.164975293718362
 (code B ref 54811); Tue, 12 Apr 2022 08:43:01 +0000
Received: (at 54811) by debbugs.gnu.org; 12 Apr 2022 08:42:17 +0000
Received: from localhost ([127.0.0.1]:47455 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1neC6L-0004m6-AN
 for submit@debbugs.gnu.org; Tue, 12 Apr 2022 04:42:17 -0400
Received: from laurent.telenet-ops.be ([195.130.137.89]:59770)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maximedevos@telenet.be>) id 1neC6I-0004lw-I3
 for 54811@debbugs.gnu.org; Tue, 12 Apr 2022 04:42:15 -0400
Received: from ptr-bvsjgyhxw7psv60dyze.18120a2.ip6.access.telenet.be
 ([IPv6:2a02:1811:8c09:9d00:3c5f:2eff:feb0:ba5a])
 by laurent.telenet-ops.be with bizsmtp
 id HkiC2700X4UW6Th01kiC07; Tue, 12 Apr 2022 10:42:13 +0200
Message-ID: <4b82341ee0e4bdebbdf477ede00b6a8b33949788.camel@telenet.be>
From: Maxime Devos <maximedevos@telenet.be>
Date: Tue, 12 Apr 2022 10:42:07 +0200
In-Reply-To: <87bkx7gy2f.fsf_-_@gnu.org>
References: <20220409091246.6979-1-ludo@gnu.org>
 <09e052a24c04b9ce45131e77a9c2eeffc57149e4.camel@telenet.be>
 <87tub26lva.fsf_-_@gnu.org>
 <39d3583decc263e805b27aea6bac138dbc9787b3.camel@telenet.be>
 <87sfqk6dvi.fsf@gnu.org>
 <7deae864707fc4aab3eadc28936775c6b920f8f9.camel@telenet.be>
 <877d7wkl18.fsf@gnu.org>
 <5ba8549a9336a998133083939b1425f8bb5ad77f.camel@telenet.be>
 <87bkx7gy2f.fsf_-_@gnu.org>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-iJ1hck27Kv3FQmVyrVSP"
User-Agent: Evolution 3.38.3-1 
MIME-Version: 1.0
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22;
 t=1649752933; bh=Ix0OLld14kRsbeM+l2apFefnhgKrrBk/rX80t+QGiX8=;
 h=Subject:From:To:Cc:Date:In-Reply-To:References;
 b=C14zXV4uJ8g9M5YCYxTDwe0u4c4C8AuFodF66rWJuNVge5K1TAITYWVtvXrbSiHEY
 RzM4IZi9UXRP67yQ6nodR2QDVsHdgjhQV2/l0PC8mUtrSHkrgaYvdI81mqECiAGkGK
 vWMqhcHci3B4OEopitE01pSKt3IbOjb0av2Ac6sOzElSIQhN+eqZUNFzp2L3gIycgI
 dFM6+p3EPwBdH8TXB0xW7Yn9epAO2x6mwbiCmDbZhT9T5CDV63CiEKDRoNBplkM9UM
 vgVxNdQXrKw7BVpZy7umtDDED9l/7NDvqqECBXxdL7JmayeKMRzGjM8IzOn4rB9LE5
 E3MyBUVb7dSHQ==
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
X-Migadu-To: larch@yhetil.org
X-Migadu-Country: US
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1649752992;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:resent-cc:resent-from:resent-sender:
	 resent-message-id:in-reply-to:in-reply-to:references:references:
	 list-id:list-help:list-unsubscribe:list-subscribe:list-post:
	 dkim-signature; bh=Ix0OLld14kRsbeM+l2apFefnhgKrrBk/rX80t+QGiX8=;
	b=rkJZctJsCnb5Mng8BF1QPhqUCgUQ2tpSSywfXpLMJZrqjWXa2QscCZa8AmfP3dHEoFhvnW
	5UMMG3qzLNuhbNXQeJSTzutLVYlD6jbcGB7Kr0/Daa9RGzCajJbk/lXRGQ9/XYKZKs+hIA
	aTSg92CDSEAIeXPOwBkZ7FRRpNG/QyWWcn9jurfVEQNuhz7Y1tlhZTHp0dNhLZbUvqU2Cv
	Dk1q35U2S0wmeSMRJg8AUDVHHll36cEvOcvXLBGE1q4SX6NpFdkQ/6VGvEwVCGeebX9Jha
	Dso7OerSDIF+KZ8NEGH4vk8VhTQ9qnm+zZO5q4iRCvkG2D/wzzplhvyrl0QN4w==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1649752992; a=rsa-sha256; cv=none;
	b=hy3UKOvDEsIm4alq5UECZV7N5d7AYlDgDzqO3+OEZvL4XwiWRWttg13Oy1g31ESpiIWN2a
	bbAzkGRpNnlM6TO5gy7MHPyr1E3uBkyDLB6xh+kMXrYfVNqItMeGj0qEloXE+2gE8Bwhon
	YG2ZL9txaJBItzpodg90Hwdtkjuc7gxOr7wG/IIigkE+oUM8eXXPUt57YefolvnIz0S0Cw
	JsQeCxnaX3AczbYQTdUW7vUSLfcUSKXLYaDQBZJYtkbAg37w92MIooVSts9BHJzOZvFRED
	FcZB6nE7DldcAxhHgIcwLXlhGeruVRXu17mz7ZcdylSGdA7tqDt11eDfIHXcCw==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=telenet.be header.s=r22 header.b=C14zXV4u;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Spam-Score: 4.04
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=telenet.be header.s=r22 header.b=C14zXV4u;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Queue-Id: 26B011BD14
X-Spam-Score: 4.04
X-Migadu-Scanner: scn0.migadu.com
X-TUID: c1Kde9MMdoIq


--=-iJ1hck27Kv3FQmVyrVSP
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Ludovic Court=C3=A8s schreef op ma 11-04-2022 om 22:33 [+0200]:
> > Alternatively, the shepherd could open the secret key file on
> > behalf of
> > =E2=80=98guix publish=E2=80=99 and send it together with the listening =
socket to
> > =E2=80=98guix
> > publish=E2=80=99.
>=20
> Sure, that=E2=80=99s feasible, but that=E2=80=99d require a custom protoc=
ol that I=E2=80=99d
> rather avoid.

I don't think it does, as long as we are using Shepherd and not SystemD
(I don't think that SystemD supports opening regular files instead of
sockets?), we could just=20

  * extend 'endpoint->listening-socket' (in Shepherd) to allow opening
    regular files (and not only actual sockets)
  * in 'systemd-socket' (in (guix scripts publish)), expect two startup
    file descriptors instead of one startup file descriptor, and return
    both (the first one is the actual listening socket, the second one
    the secret key file)
  * modify 'guix-publish' appropriately
  * modify the guix-publish service to pass the file descriptor of the
    secret key file in addition to listening socket.

Greetings,
Maxime.

--=-iJ1hck27Kv3FQmVyrVSP
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iI0EABYKADUWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYlU7XxccbWF4aW1lZGV2
b3NAdGVsZW5ldC5iZQAKCRBJ4+4iGRcl7h95AP9DWQBnGpRmnT+KS1K98h+2CDVl
R9a5kSKYb/AdUajhCAD/Urv6RbCHzu9aAaX5yBxK2q+VqF8+r75lAeS9TScBKwA=
=FbrF
-----END PGP SIGNATURE-----

--=-iJ1hck27Kv3FQmVyrVSP--