Subject: [bug#70494] [PATCH 04/23] guix: store: environment: New module.
To: Christopher Baines
Cc: Josselin Poiret, 70494@debbugs.gnu.org, Simon Tournier, Mathieu Othacehe, Tobias Geerinckx-Rice, Ricardo Wurmus, Christopher Baines
From: Ludovic Courtès
In-Reply-To: (Christopher Baines's message of "Sun, 21 Apr 2024 10:42:22 +0100")
References: <87bk632h36.fsf@cbaines.net>
Date: Mon, 13 May 2024 17:10:06 +0200
Message-ID: <87pltp929d.fsf@gnu.org>

Hi Chris,

Christopher Baines wrote:

> From: Caleb Ristvedt
>
> * guix/store/environment.scm: New file.
> * guix/store.scm: Export compressed-hash.
> * guix/store/database.scm (output-path-id-sql, outputs-exist?, references-sql,
> file-closure, all-input-output-paths, all-transitive-inputs): New variables.
> (outputs-exist?, file-closure, all-transitive-inputs): Export procedures.
> * Makefile.am (STORE_MODULES): Add guix/store/environment.scm.
>
> Co-authored-by: Christopher Baines
> Change-Id: I71ac38fa8596a0c05b34880ca60e8a27ef3892d8

Very cool. Some comments:

> +++ b/guix/store.scm
> @@ -192,6 +192,7 @@ (define-module (guix store) > grafting? >=20=20 > %store-prefix > + compressed-hash > store-path > output-path > fixed-output-path

We can keep it this way for now. However, the suggestion I made to reepca back then was that we should move the low-level hashing/file name computation procedures to a separate module, say (guix store file-names), such that daemon code does not import (guix store). (guix store) would only contain client-side code, possibly re-exporting some of (guix store file-names) for compatibility and convenience.

> +(define* (file-closure db path #:key (list-so-far vlist-null)) > + "Return a vlist containing the store paths referenced by PATH, the sto= re > +paths referenced by those paths, and so on."

s/file-closure/store-item-closure/ ?

> +(define (all-input-output-paths drv) > + "Return a list containing the output paths this derivation's inputs ne= ed to > +provide." > + (apply append (map derivation-input-output-paths

Use ‘append-map’ instead.

> + #:export (

Don’t export record type descriptors in general as this exposes the ABI.

> + environment-namespaces > + environment-variables > + environment-temp-dirs

s/temp-dirs/temporary-directories/

> + environment-filesystems > + environment-new-session? > + environment-new-pgroup? > + environment-setup-i/o-proc > + environment-preserved-fds > + environment-chroot > + environment-personality > + environment-user > + environment-group > + environment-hostname > + environment-domainname

I’d write “file-systems”, “host-name”, and “domain-name”, to be consistent with the rest of the code base (we can keep “namespaces” because that’s how Linux spells it.)

> + build-environment-vars

s/vars/variables/

> +(define-record-type* environment

We should keep in mind that maybe we’ll want to use that in ‘guix shell -C’ eventually.
> +(define (delete-environment env) > + "Delete all temporary directories used in ENV."

s/delete-environment/delete-temporary-directories/

> +(define* (temp-directory tmpdir name #:optional permissions user group) > + "Create a temporary directory under TMPDIR with permissions PERMISSION= S if > +specified, otherwise default permissions as specified by umask, and belo= nging > +to user USER and group GROUP (defaulting to current user if not specifie= d or > +#f). Return the full filename of the form /-."

s/temp-directory/create-temporary-directory/

This procedure missed the fix in commit ec7fb669945bfb47c5e1fdf7de3a5d07f7002ccf (CVE-2021-27851). It’s fine to implement it later but we should at least leave a big FIXME comment.

Somewhere we’ll also need the fix for CVE-2024-27297 (commits ff1251de0bc327ec478fc66a562430fbf35aef42 and 8f4ffb3fae133bb21d7991e97c2f19a7108b1143).

> +(define* (dump-port port #:optional (target-port (current-output-port)))

Use the one from (guix build utils) instead.

Thanks,
Ludo’.
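
Review bot: in the quoted file-closure hunk, the docstring does not mention the DB argument or the #:key list-so-far accumulator, and does not say whether PATH itself is part of the returned vlist. Since the commit message lists file-closure among the exported procedures, document both, or keep the accumulator in an internal helper so that callers cannot seed the result with arbitrary entries.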
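
Review bot: in the quoted temp-directory hunk, the docstring lets PERMISSIONS be omitted and then falls back to the umask, while the directory can be handed to another USER and GROUP. The resulting mode then depends on the calling process's state; consider requiring an explicit mode at every call site (or defaulting to owner-only) and stating in the docstring whether the mode is applied before the ownership change.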