From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id EK13IGyD9WJatQAAbAwnHQ (envelope-from ) for ; Fri, 12 Aug 2022 00:32:12 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id 8OJhIGyD9WLyrQAA9RJhRA (envelope-from ) for ; Fri, 12 Aug 2022 00:32:12 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 37D7733182 for ; Fri, 12 Aug 2022 00:32:11 +0200 (CEST) Received: from localhost ([::1]:33790 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oMGio-0006xZ-DY for larch@yhetil.org; Thu, 11 Aug 2022 18:32:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:35782) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oMGih-0006ul-1Y for guix-patches@gnu.org; Thu, 11 Aug 2022 18:32:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:37167) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oMGig-0004NT-PY for guix-patches@gnu.org; Thu, 11 Aug 2022 18:32:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oMGig-00041L-C7 for guix-patches@gnu.org; Thu, 11 Aug 2022 18:32:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#53912] [PATCH 0/5] WIP Add WSL support. References: <875ypndznv.fsf@ajgrf.com> In-Reply-To: <875ypndznv.fsf@ajgrf.com> Resent-From: Jacob MacDonald Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 11 Aug 2022 22:32:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 53912 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 53912@debbugs.gnu.org Received: via spool by 53912-submit@debbugs.gnu.org id=B53912.166025709515419 (code B ref 53912); Thu, 11 Aug 2022 22:32:02 +0000 Received: (at 53912) by debbugs.gnu.org; 11 Aug 2022 22:31:35 +0000 Received: from localhost ([127.0.0.1]:55149 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oMGiE-00040d-OW for submit@debbugs.gnu.org; Thu, 11 Aug 2022 18:31:35 -0400 Received: from mail-qk1-f181.google.com ([209.85.222.181]:36639) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oMGiB-00040P-9x for 53912@debbugs.gnu.org; Thu, 11 Aug 2022 18:31:33 -0400 Received: by mail-qk1-f181.google.com with SMTP id n21so2454907qkk.3 for <53912@debbugs.gnu.org>; Thu, 11 Aug 2022 15:31:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:to:subject:message-id:date:from :mime-version:from:to:cc; bh=EVwdLz7J2SEPvREJcX58OHrPKJn+pzklWgfOeqGVBR8=; b=bcBuEc+PyY2H6+DAdBTHo4OArHuNGeLnfIZevdom5LNypk2e8RVcwL5HIi+mrKe/pr GTiNEdeOFa8QbiyQ+Eygy3TNkJlpfDT19YMNFvVU5k49xnqK8wrkcHNsTBb6iT4M7xxk e6YUDFmfU9k16Xbb3fbWxd6rPGh4TyNYs1x6AI/lox8FnrxrVgeCx4s5k0T97Q+uoppc Q6IlquqbOWvc1eqted6mYYaV9Yjk+rZ8W39K2g72fzybEagotS9bYQakIMytauxVL6bb NfDP0zWLYmPuFG/dssB3gvLQkDPMeYFJxiRdqwZNWhbahcfWe8y/3q9RF/fQFrd5uQsN Xs5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:to:subject:message-id:date:from :mime-version:x-gm-message-state:from:to:cc; bh=EVwdLz7J2SEPvREJcX58OHrPKJn+pzklWgfOeqGVBR8=; b=vF83pItuTJ9DS527U/IdjYe0IGmlmYH6/GF5fQHBpht6pCYxGHGqM8cZKQD3mxZR1k clY8ytoC2KRmVkkFEG+6SLL2sgbEz5Lf4paxqf7SnMoQ+p0vBA3ou7iVdFOyC64J9z0b gYUpIoj7+EzK7DyF+qvMF8WsMiFRkpqgQNJJERFl2pCcNpQjCtowWRP3pRajAa5n5D6O VLaVqwBzc7PvrTMK7FULcEdyheY5uWBuH6hj+IdVYCjS6sKzK3gFomdiH2aN9z8S15Fm 5HatFYjubBpgPShx6W1p+5bSXuP3jCQDODckVudsQilLH3FgDatJFyvYf5acq2viPZO9 1QpA== X-Gm-Message-State: ACgBeo0RpjtGToZdMcHKO02MpmDINHWK2xCFSRsUaQKaNnEkxyMVha9g irENZYLu1ug86h/+auibvxjBNumPKte9iYethsNZNXMBtQk= X-Google-Smtp-Source: AA6agR7a67rvBHOaTDtB4gPHVWHxyIAD44NBlAgjkjOLWwWvIs4TyCBwxNB3wacKu7aQv77proR+ScI22h2g9ucfD00= X-Received: by 2002:a37:4549:0:b0:6b9:183c:b931 with SMTP id s70-20020a374549000000b006b9183cb931mr925043qka.520.1660257085232; Thu, 11 Aug 2022 15:31:25 -0700 (PDT) MIME-Version: 1.0 From: Jacob MacDonald Date: Thu, 11 Aug 2022 17:31:14 -0500 Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1660257131; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=EVwdLz7J2SEPvREJcX58OHrPKJn+pzklWgfOeqGVBR8=; b=rR/AUK77SVHXfRp2yXg38rltsP/UOUPhXT4V0qwKgsGPKCzi2S+9FQojKS8a7iOnUikcsA VFNcE1TvEza7sP7Z6QiOB+pw/X05d2Zzeph01vbluSaXSofqa3zNTSwZaLs110vg1yniim INuZJP3M7y/pXApcltulq9K/5rZGH8EH1QK1MYwBRDg58RFFSeEabXY/A0zAfaxLahMyXX zcXgukzrvcHyFnF3Io6AzJNZezUmuyMy3OGEgvHDOYPzJzLjutGeAeumSNAfV8JKXZiANC sCFnEberTGxf2DI7TSwuCUnnw7vb9pweu4irflF2AsBvvwzsm+yNOuWrqdiXBg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1660257131; a=rsa-sha256; cv=none; b=q4TTB5sjNgXU94EYq5qqilLQXNkVaRX876bSUUG1DVGnzW1sO4eI1dBjA7+5E9Vt4AdOyj 65uCSmOnM7Ppa2KFcjR1yQCjJeXzUJG4LWJIA/DC3Rhiq2XjN4N0jN0XyGtjp/Lon9wECL OwBLL8SxhqsjEWfI+l3WmU8FTB2TDVoUK6QGjrKbVrf9UWlfL/CvKl/zP9rlM7eVNxGGfA RbHAxOXsT29w2xt+D+JXrFgNuaE5510V/Ik0h2+qj3FvFEf6GbZ2dOsJLMAtRg1MkfFm98 KYibcT7RuKX1XFjzdQcJtKstcVQQg0/UKEo+Xat0EaoUjEevwn5/0vXnL30EUg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=bcBuEc+P; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 6.12 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=bcBuEc+P; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 37D7733182 X-Spam-Score: 6.12 X-Migadu-Scanner: scn1.migadu.com X-TUID: MVNoE3OFfnhr Stefan wrote: > The problems with sudo etc. in /run/setuid-programs/ stem from the nosuid= and noexec flags, which WSL sets when mounting /run as tmpfs. Do you know if there was a 5.10->5.15 change on that front? I only saw the issue after upgrading WSL (and not Guix), even though I had to work around several mount issues getting Guix set up in the first place. > This all seems to be far from perfect to me. It is less than ideal. > All in all WSL assumes the Filesystem Hierarchie Standard and /etc/enviro= nment I do have some workarounds for the issues you mention; No long examples since that work machine is airgapped, but I'll outline my setup and can follow up with code. The filesystem standard, Linux and Guix internals are the areas I'm fuzzy on, relying mostly on third-party advice and a little bit of common-sense tinkering. It's possible that something other than the WSL upgrade broke /run, but my image started with a broken Guix and has undergone several successful revisions. > I use a guile script which remounts /run with these flags removed. > With Windows 11 there is a boot option for the /etc/wsl.config, which mig= ht be the optimal place for a script to do re-mounts and start shepherd. That is exactly right based on my experience. My init script doesn't do any mounts (since the old WSL seemed to let me call sudo just fine), but it does start as root and make sure the file system is sane before kicking things off. > Changing the default user to prevent problems with local drives seems pos= sible with an /etc/wsl.conf file. But then it will not be possible to use r= oot=E2=80=99s shell entry for the script anymore. I never investigated the ownership of /mnt/c/, but it seemed to work OK in userspace. I could create files or delete/trash them from a user-level Emacs. > Hm, I guess that even if the sudo problem is solved, then still a =E2=80= =9Csudo -i=E2=80=9D won=E2=80=99t be possible with the patch. Is that right= ? I haven't used this patch, so I'm not sure how it interacts. However, /run/setuid-programs/sudo -i fails for me as expected while /run/current-system/profile/bin/sudo -i works. > [WSL] makes it hard to launch arbitrary commands as intended with just = =E2=80=9Cwsl -e ls=E2=80=9D in Guix. In such a case no shell is involved an= d no /etc/profile or ~/.profile is sourced, so ls won=E2=80=99t be found. > Another possible problem with the patch might be the current-directory. I= guess that a =E2=80=9Cwsl -d guix -e ls=E2=80=9D will not list the directo= ry from which the wsl command got invoked, but the user=E2=80=99s home dire= ctory. This may be another Win11 feature, but I figured out that --shell-type is a way around that annoyance. wsl --shell-type login ls in a fresh PowerShell shows me files in my Windows home. My shell configuration is small enough that the startup overhead is minimal, and based on running top that way, there's no shell process that sticks around. > With the WSL version I=E2=80=99m using on Windows 10 its /init requires a= group cache for nscd, too. The advice I saw on Guix-in-WSL suggested disabling nscd and I found that to be the case. > My setup is using a gnu.bat file, which invokes a guile script named gnu.= scm in WSL, which =E2=80=93 if needed =E2=80=93 does the re-mounts and star= ts shepherd, and calls sudo to login the user and change the directory befo= re executing further commands from the user. It is retaining some environme= nt variables like TERM, and the content of WSLENV. So from the Windows side= it is possible to call =E2=80=9Cgnu.bat ls -lA=E2=80=9D etc. or just =E2= =80=9Cgnu.bat=E2=80=9D to get a shell. My /etc/wsl.conf sets the default user and specifies a script to run at boot. That script sets up /run/current-system, boots from it, and does those few trivial fs sanity checks. From there, I can start new shells for my user and everything seems to behave. System reconfigurations were the biggest footgun prior to this latest breakage, but this is my only GuixSD experience so that might be a general problem. Thanks! Jacob.