From: Tobias Geerinckx-Rice via Guix-patches
To: "("
Cc: 57016@debbugs.gnu.org
Subject: [bug#57016] [PATCH] scripts: Bail out when running pull/package commands as root.
Date: Sat, 06 Aug 2022 14:30:37 +0200
Message-ID: <87r11ta52c@nckx>
In-reply-to: <20220806114153.23153-1-paren@disroot.org>

Hi (,

"( via Guix-patches" via wrote:
> A pretty common beginner mistake, it seems, is assuming that since
> every other package manager you've used requires root for installing,
> removing, and upgrading packages, Guix must too.
>
> This is an especially dangerous assumption when applied to `guix pull`,

Running ‘guix pull’ as root is fine. There was danger in running ‘sudo guix pull’ (with Guix System defaulting to ‘sudo -E’), but that was addressed in 7c52cad0464175370c44bd4695e4c01a62b8268f. If it doesn't trigger reliably, let's fix that.

Running ‘guix package’ and ‘guix upgrade’ as root is also fine. If improper use of sudo/doas/… is the real issue, address *that*, not this loose proxy. Ludo' factored out some of the bits in 9be470b5d2bab7ad2048c95815fee2916d45f4ad. It could make sense to factor it out further to check, e.g., whether the effective UID matches that of the profile's parent directory. Why should OpenBSD packages get to hoard all the pedantic ownership checks?

> since I seem to recall

A good trigger to go investigate; not sufficient to (wrongly) imply ‘root bad’ and throw fatal errors at perfectly legitimate use(r)s.

Conversely, if we reliably detect and report the true issue, there's no need for ‘--allow-root’, which by the logic of this patch would knowingly break things. We do not provide such options.

Huge NAK on v2 I'm afraid, but looking forward to your thoughts,

T G-R
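
The ownership check suggested in the message, set beside the "caller is root" proxy it objects to, as an added example in Guile Scheme; it is not part of the original message and not Guix's own code. The procedure names, the sample UIDs and the use of `~/.guix-profile` as the profile path are assumptions for illustration.

```scheme
;; Added example, not Guix code.  All procedure names are hypothetical.
(use-modules (ice-9 format))

(define (owner-verdict euid owner-uid)
  "Compare the effective UID with the owner of the profile's parent directory."
  (if (= euid owner-uid) 'ok 'owner-mismatch))

(define (root-proxy-verdict euid)
  "The looser check under discussion: refuse whenever the caller is root."
  (if (zero? euid) 'refused 'ok))

(define (check-profile-parent profile)
  "Apply OWNER-VERDICT to the real file system.  Return 'missing when the
parent directory of PROFILE cannot be stat'ed."
  (let ((st (stat (dirname profile) #f)))   ;#f: return #f instead of throwing
    (if st
        (owner-verdict (geteuid) (stat:uid st))
        'missing)))

;; Constructed scenarios: (description euid owner-of-parent-directory).
(define %scenarios
  '(("alice, own profile"                1000 1000)
    ("root, root's own profile"             0    0)
    ("root via sudo, HOME still alice's"    0 1000)))

;; Print both verdicts side by side.  Only the third scenario is a real
;; problem; the root proxy also refuses the second, legitimate one.
(for-each
 (lambda (scenario)
   (let ((description (car scenario))
         (euid (cadr scenario))
         (owner (caddr scenario)))
     (format #t "~36a owner check: ~16a root proxy: ~a~%"
             description
             (owner-verdict euid owner)
             (root-proxy-verdict euid))))
 %scenarios)

;; The same check against the live system, using the current user's default
;; profile location (path assumed for illustration).
(let ((profile (string-append (or (getenv "HOME") "/") "/.guix-profile")))
  (format #t "~a: ~a~%" profile (check-profile-parent profile)))
```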