From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id SB9BL/Of72LP3gAAbAwnHQ (envelope-from ) for ; Sun, 07 Aug 2022 13:20:19 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id aJglL/Of72LMaQEAauVa8A (envelope-from ) for ; Sun, 07 Aug 2022 13:20:19 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 473D53C220 for ; Sun, 7 Aug 2022 13:20:19 +0200 (CEST) Received: from localhost ([::1]:40970 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oKeKO-0001ti-0q for larch@yhetil.org; Sun, 07 Aug 2022 07:20:16 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59402) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oKeKA-0001tL-CS for guix-patches@gnu.org; Sun, 07 Aug 2022 07:20:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:46310) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oKeKA-0002oY-2A for guix-patches@gnu.org; Sun, 07 Aug 2022 07:20:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oKeK9-0000Ou-TX for guix-patches@gnu.org; Sun, 07 Aug 2022 07:20:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#57031] [PATCH v2] scripts: Show a hint the first time some commands are run as root. References: <20220807111421.14771-1-paren@disroot.org> In-Reply-To: <20220807111421.14771-1-paren@disroot.org> Resent-From: "(" Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 07 Aug 2022 11:20:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 57031 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 57031@debbugs.gnu.org Cc: "\(" Received: via spool by 57031-submit@debbugs.gnu.org id=B57031.16598711751499 (code B ref 57031); Sun, 07 Aug 2022 11:20:01 +0000 Received: (at 57031) by debbugs.gnu.org; 7 Aug 2022 11:19:35 +0000 Received: from localhost ([127.0.0.1]:36059 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oKeJi-0000O6-Jl for submit@debbugs.gnu.org; Sun, 07 Aug 2022 07:19:35 -0400 Received: from knopi.disroot.org ([178.21.23.139]:52698) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oKeJg-0000Ny-PF for 57031@debbugs.gnu.org; Sun, 07 Aug 2022 07:19:33 -0400 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id 24A5844FE6; Sun, 7 Aug 2022 13:19:32 +0200 (CEST) X-Virus-Scanned: SPAM Filter at disroot.org Received: from knopi.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OrsBhXYrvaVl; Sun, 7 Aug 2022 13:19:30 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1659871170; bh=Oaqilhtl+xUnLp1X+Xf7qfOo3GvJ9MY28hRuzF1F48E=; h=From:To:Cc:Subject:Date; b=bTWPO72fAOQuzCauEeumzwIOkPalyO8BvoKLFh68HEHBswWTYu/mZpBSEI32oNayP vHJgMI4UqqQPbG/kR1lOWm2aIv0e4vYdWA8JYkAspX/PFYtfyUVEdwN8T/5rHafiHK h7pDaRQqJBvR/tqBa5hYtRFwsjgfFA7Ms8VqkyWyIh5+Lr915Qb12pubR9EfDFP7DV M8q0oRtns4jgCpWcmYILM0IFw+Q1bydVBVGfcFmvrCGBWlo83Zyp0qouMx68wgA3EN hY66lEoiq9w8F3y7ojnRrkYhQgsMY3BREQwttZJEcarrbY45MiNzTVdXpaJBllnRp6 D6nf9DuOMZNcA== Date: Sun, 7 Aug 2022 12:19:29 +0100 Message-Id: <20220807111929.15617-1-paren@disroot.org> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" Reply-to: "\(" X-ACL-Warn: , "\( via Guix-patches" From: "\( via Guix-patches" via X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1659871219; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=biUC0duYFGNPt/NIx24SubkqczRB/uHQjkGmXwBZyIg=; b=oTwt4eAE15iA11jE4ZZWjdOhIMYTD6zPCNllaalo7fSPhdNPIqM223CyKkWQme6pU0iJuT 0xGDnA54DNQeak38L5KgnhZ5mQIuZhHZ7pAUUhbzKC6+hPKxGgibJKlqOdVrKUihmGU4dm ldDuoKc39PsJxpCgbX83uBgKFAlrfKWFsRVI4mQuCG2mfPz99aqECKwcjNVCiPOWyIHt8p M6svpt7GO/r48mY0Hb5rJ7I0zx6MZSlQKhWRQTHOBC3mt9+VhkSMo898fKpq8ZCg2Wr8fJ 5JMi5+eGfVnIlT9wWOKy05tW201IF7s6u7hEPHC9lsxm8pIf2KjdpjI2d78faw== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1659871219; a=rsa-sha256; cv=none; b=P+t83bBrnVOFNzfQKR/nURRqMqbbMKrjrKlTSfEflDtSJMUTmGA2NGazATpopPVoRKylPz W6wmbEzBi04mupzylNI58LUrgTHca3gzeVQgHgXR9WJjF+DRoC94LQNb9c7xxJlnFu7odi iUW/siHjXZjUKFMA0vaeV5NNbnNytzyA+ObhUHQch8JLSCJ8Q/s/MBkKkR6nk001LfJSC8 cLJwvIYRIA7chgPlkiC/ZB/HAGzyoN2SNRz5kZL1Tljkyv+1I003YM5rNR1c6Fcs9Cu1I8 2ypBlMlJCJD7V8ziN/qikq5z8XUW+PbsfoT7t2uKBONnf75kEymrH/bAMs5+1g== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=disroot.org header.s=mail header.b=bTWPO72f; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.40 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=disroot.org header.s=mail header.b=bTWPO72f; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 473D53C220 X-Spam-Score: -3.40 X-Migadu-Scanner: scn0.migadu.com X-TUID: eYpe+5piBtya * guix/scripts/shell.scm (hint-given?, hint-directory, hint-file, record-hint): Move these... * guix/ui.scm: ...here. Export them. * guix/scripts/package.scm (guix-package*): Add `#:root-hint?` keyword argument. Display a hint if Guix is being run as root and `root-hint?` is #t. * guix/scripts/install.scm (guix-install): Use `#:root-hint? #t` here... * guix/scripts/remove.scm (guix-remove): ...here... * guix/scripts/upgrade.scm (guix-upgrade): ...and here. * guix/scripts/pull.scm (guix-pull): (guix-pull): Display a hint if Guix is being run as root. A pretty common beginner mistake, it seems, is assuming that since every other package manager you've used requires root for installing, removing, and upgrading packages, Guix must too. This commit tries to make it harder to make such an assumption, by making commands such as `pull`, `package`, and `upgrade` display a hint the first time they are run as root. --- guix/scripts/install.scm | 3 ++- guix/scripts/package.scm | 16 +++++++++++++--- guix/scripts/pull.scm | 7 +++++++ guix/scripts/remove.scm | 3 ++- guix/scripts/shell.scm | 23 ----------------------- guix/scripts/upgrade.scm | 3 ++- guix/ui.scm | 29 +++++++++++++++++++++++++++++ 7 files changed, 55 insertions(+), 29 deletions(-) diff --git a/guix/scripts/install.scm b/guix/scripts/install.scm index 63e625f266..bf11fc7b11 100644 --- a/guix/scripts/install.scm +++ b/guix/scripts/install.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2019, 2020 Ludovic Courtès +;;; Copyright © 2022 ( ;;; ;;; This file is part of GNU Guix. ;;; @@ -80,4 +81,4 @@ (define opts (list %package-default-options #f) #:argument-handler handle-argument)) - (guix-package* opts)) + (guix-package* opts #:root-hint? #t)) diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm index 7d92598efa..8936c70e1f 100644 --- a/guix/scripts/package.scm +++ b/guix/scripts/package.scm @@ -12,6 +12,7 @@ ;;; Copyright © 2018 Steve Sprang ;;; Copyright © 2022 Josselin Poiret ;;; Copyright © 2022 Antero Mejr +;;; Copyright © 2022 ( ;;; ;;; This file is part of GNU Guix. ;;; @@ -1077,12 +1078,21 @@ (define opts (parse-command-line args %options (list %default-options #f) #:argument-handler handle-argument)) - (guix-package* opts)) + (guix-package* opts #:root-hint? #t)) -(define (guix-package* opts) +(define* (guix-package* opts #:key (root-hint? #f)) "Run the 'guix package' command on OPTS, an alist resulting for command-line -option processing with 'parse-command-line'." +option processing with 'parse-command-line'. If ROOT-HINT? is #T, a hint is +shown on the first usage of this procedure that informs users about Guix's +support for per-user package management." (with-error-handling + (when (and root-hint? + (not (hint-given? 'package-root-hint)) + (= (getuid) 0)) + (record-hint 'package-root-hint) + (display-hint (G_ "`guix package' is user-specific, not system-wide, +so running this command as root will affect only the `root' user."))) + (or (process-query opts) (parameterize ((%store (open-connection)) (%graft? (assoc-ref opts 'graft?))) diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm index b0cc459d63..6e3d7db7c7 100644 --- a/guix/scripts/pull.scm +++ b/guix/scripts/pull.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2013-2015, 2017-2022 Ludovic Courtès ;;; Copyright © 2017 Marius Bakke ;;; Copyright © 2020, 2021 Tobias Geerinckx-Rice +;;; Copyright © 2022 ( ;;; ;;; This file is part of GNU Guix. ;;; @@ -834,6 +835,12 @@ (define (no-arguments arg _) (current-channels (profile-channels profile)) (validate-pull (assoc-ref opts 'validate-pull)) (authenticate? (assoc-ref opts 'authenticate-channels?))) + (when (and (not (hint-given? 'pull-root-hint)) + (= (getuid) 0)) + (record-hint 'pull-root-hint) + (display-hint (G_ "`guix pull' is user-specific, not system-wide; +running it as root will only affect the `root' user."))) + (cond ((assoc-ref opts 'query) (process-query opts profile)) diff --git a/guix/scripts/remove.scm b/guix/scripts/remove.scm index a46ad04d56..131649eace 100644 --- a/guix/scripts/remove.scm +++ b/guix/scripts/remove.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2019, 2020 Ludovic Courtès +;;; Copyright © 2022 ( ;;; ;;; This file is part of GNU Guix. ;;; @@ -76,4 +77,4 @@ (define opts (list %package-default-options #f) #:argument-handler handle-argument)) - (guix-package* opts)) + (guix-package* opts #:root-hint? #t)) diff --git a/guix/scripts/shell.scm b/guix/scripts/shell.scm index c115a00320..3ac7d80eb0 100644 --- a/guix/scripts/shell.scm +++ b/guix/scripts/shell.scm @@ -489,29 +489,6 @@ (define (validated-spec spec) (exp (pretty-print exp port))))) - -;;; -;;; One-time hints. -;;; - -(define (hint-directory) - "Return the directory name where previously given hints are recorded." - (string-append (cache-directory #:ensure? #f) "/hints")) - -(define (hint-file hint) - "Return the name of the file that marks HINT as already printed." - (string-append (hint-directory) "/" (symbol->string hint))) - -(define (record-hint hint) - "Mark HINT as already given." - (let ((file (hint-file hint))) - (mkdir-p (dirname file)) - (close-fdes (open-fdes file (logior O_CREAT O_WRONLY))))) - -(define (hint-given? hint) - "Return true if HINT was already given." - (file-exists? (hint-file hint))) - (define-command (guix-shell . args) (category development) diff --git a/guix/scripts/upgrade.scm b/guix/scripts/upgrade.scm index beb59cbe6f..dd14600fe4 100644 --- a/guix/scripts/upgrade.scm +++ b/guix/scripts/upgrade.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2019, 2020 Ludovic Courtès ;;; Copyright © 2020 Jakub Kądziołka ;;; Copyright © 2020 Simon Tournier +;;; Copyright © 2022 ( ;;; ;;; This file is part of GNU Guix. ;;; @@ -87,4 +88,4 @@ (define opts #f) #:argument-handler handle-argument)) - (guix-package* opts)) + (guix-package* opts #:root-hint? #t)) diff --git a/guix/ui.scm b/guix/ui.scm index a7acd41440..44607d80d2 100644 --- a/guix/ui.scm +++ b/guix/ui.scm @@ -18,6 +18,7 @@ ;;; Copyright © 2020 Maxim Cournoyer ;;; Copyright © 2018 Steve Sprang ;;; Copyright © 2022 Taiju HIGASHI +;;; Copyright © 2022 ( ;;; ;;; This file is part of GNU Guix. ;;; @@ -136,6 +137,11 @@ (define-module (guix ui) switch-to-generation* delete-generation* + hint-directory + hint-file + record-hint + hint-given? + %default-message-language current-message-language @@ -2032,6 +2038,29 @@ (define* (package-specification->name+version+output spec (package-name->name+version name))) (values name version sub-drv))) + +;;; +;;; One-time hints. +;;; + +(define (hint-directory) + "Return the directory name where previously given hints are recorded." + (string-append (cache-directory #:ensure? #f) "/hints")) + +(define (hint-file hint) + "Return the name of the file that marks HINT as already printed." + (string-append (hint-directory) "/" (symbol->string hint))) + +(define (record-hint hint) + "Mark HINT as already given." + (let ((file (hint-file hint))) + (mkdir-p (dirname file)) + (close-fdes (open-fdes file (logior O_CREAT O_WRONLY))))) + +(define (hint-given? hint) + "Return true if HINT was already given." + (file-exists? (hint-file hint))) + ;;; ;;; Command-line option processing. -- 2.37.1