From: "Ludovic Courtès" <ludo@gnu.org>
To: "Thompson, David" <dthompson2@worcester.edu>
Cc: Christopher Baines <guix@cbaines.net>,
67288@debbugs.gnu.org, Arun Isaac <arunisaac@systemreboot.net>
Subject: [bug#67288] [PATCH] services: laminar: Add configuration option for supplementary groups
Date: Sat, 25 Nov 2023 16:25:22 +0100 [thread overview]
Message-ID: <87leal4zz1.fsf@gnu.org> (raw)
In-Reply-To: <CAJ=RwfaSXfTeFn_H9Jme10hdYzeQnxTMakbJb2ksTZ+3km_aiA@mail.gmail.com> (David Thompson's message of "Sun, 19 Nov 2023 14:58:30 -0500")
Hi,
"Thompson, David" <dthompson2@worcester.edu> skribis:
> I started using Laminar CI for my personal server, but I had trouble
> with the current system service. My server is configured to only allow
> members of the "git" group access to the Git repositories, so the CI
> job running as the "laminar" user couldn't do anything useful. This
> patch adds a new configuration field for a list of supplementary
> groups to be used for the "laminar" user and the service process.
Cc’ing Arun and Chris, who know better than me. Is this a problem they
worked around so far?
> From ed62d885a5493f64779bc9c2a9b9978af8f61824 Mon Sep 17 00:00:00 2001
> Message-ID: <ed62d885a5493f64779bc9c2a9b9978af8f61824.1700423610.git.dthompson2@worcester.edu>
> From: David Thompson <dthompson2@worcester.edu>
> Date: Sun, 19 Nov 2023 14:46:52 -0500
> Subject: [PATCH] services: laminar: Add configuration option for supplementary
> groups.
>
> * gnu/services/ci (<laminar-configuration>)[supplemental-groups]: New field.
> (laminar-shepherd-service): Exec laminard with supplementary groups.
> (laminar-account): Add supplementary groups to laminar user.
> * doc/guix.texi (Laminar): Document new configuration field.
[...]
> +@item @code{supplementary-groups} (default: @code{()})
> +Supplementary groups for the Laminar user account.
Perhaps mention the “git” group example you gave above?
Otherwise looks pretty harmless to me.
Ludo’.
next prev parent reply other threads:[~2023-11-25 15:26 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-19 19:58 [bug#67288] [PATCH] services: laminar: Add configuration option for supplementary groups Thompson, David
2023-11-25 15:25 ` Ludovic Courtès [this message]
2023-11-26 0:00 ` Arun Isaac
2023-11-26 0:16 ` Thompson, David
2023-11-26 15:47 ` Arun Isaac
2023-12-06 13:19 ` Arun Isaac
2023-12-28 17:58 ` bug#67288: [EXT] Re: [bug#67288] " Thompson, David
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87leal4zz1.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=67288@debbugs.gnu.org \
--cc=arunisaac@systemreboot.net \
--cc=dthompson2@worcester.edu \
--cc=guix@cbaines.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).