From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-devel-bounces+larch=yhetil.org@gnu.org>
Received: from mp1.migadu.com ([2001:41d0:303:e224::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms13.migadu.com with LMTPS
	id oHRFCpaJcWZSugAA62LTzQ:P1
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 18 Jun 2024 13:20:22 +0000
Received: from aspmx1.migadu.com ([2001:41d0:303:e224::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp1.migadu.com with LMTPS
	id oHRFCpaJcWZSugAA62LTzQ
	(envelope-from <guix-devel-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 18 Jun 2024 15:20:22 +0200
X-Envelope-To: larch@yhetil.org
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=incana.org header.s=key1 header.b=BBHMVNiB;
	dmarc=pass (policy=quarantine) header.from=incana.org;
	spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1718716822; a=rsa-sha256; cv=none;
	b=ptJlceUvVyNaCLUw8SLS6DTOoeb6jC2LAQPcsh2pL1RDU7fuaPwk0BN1gWyiDzXfUvMIxy
	V1L9JvpcK90w0h+VC6YEC1gNlZLx0rtsZSN6iCxRbn6FhWnrfCTzZH+Lx2TzkN1eq9mRxr
	xeoYb51Vg64CVcCf2Cw/mpGuJ44cUy9KDPmI8gl8+Jw7z72AMBlUe2ILKRe5TuXXtl0K5S
	PoXlKgYYQq3rwCaKOfZUvfvuUphpjD+SOVYW6pOw0eOlzMwow2MiyYUsO1TU76Zu0kgXLm
	1lzh+usUA36ikAdIf7qvI3WzCwdjO1gm6AF4zmNBdROgT3eU22jd9krpUOTQHA==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=incana.org header.s=key1 header.b=BBHMVNiB;
	dmarc=pass (policy=quarantine) header.from=incana.org;
	spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1718716822;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=7l+9ocRrvpf/mT/oidBCnVB26+5dbMlJJgdlz4kfzKQ=;
	b=gWKcRTzymFL5JTElAuEd12jhQD7O0nBhEu+KDITI/qUXHcfq4E+J4JE+PdcouPb/tq/1XA
	NqwteEw5NqOtdk6FpLDCmpsKHl7iOL+38fhf995F7gVw9XxLUfOkXdG7BUflpFzSQNb4AT
	UaZbbNtnjGQyfWl6ZYwcAaiTi/UdDT9M8hxQJDYAFHYVTFJ69x7EWJkBNuu0hlwvEDIn6b
	Jnv9jQ4JfkNVPBJ3np+8yjwOK6lO7fpgfd0W7DOSZMhWAfUqr2SRwJ/mJ9BlRIReYUGSuc
	3sTzs1SvKwdY0w6+52EKirXZp0zlrxvJwOXu+p6hY7NUJXlMUgNgvcZQsLvOdA==
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 97FF833409
	for <larch@yhetil.org>; Tue, 18 Jun 2024 15:20:21 +0200 (CEST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-devel-bounces@gnu.org>)
	id 1sJYkY-00072V-Ug; Tue, 18 Jun 2024 09:19:50 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <juli@incana.org>) id 1sJYkV-0006zL-6z
 for guix-devel@gnu.org; Tue, 18 Jun 2024 09:19:47 -0400
Received: from out-179.mta0.migadu.com ([2001:41d0:1004:224b::b3])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <juli@incana.org>) id 1sJYkS-0002pU-6y
 for guix-devel@gnu.org; Tue, 18 Jun 2024 09:19:47 -0400
X-Envelope-To: felix.lechner@lease-up.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=incana.org; s=key1;
 t=1718716769;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=7l+9ocRrvpf/mT/oidBCnVB26+5dbMlJJgdlz4kfzKQ=;
 b=BBHMVNiB/zlMcBP8VVt+BkbiFE0LtizNsMWXIHcwVQ1nchh3FFEUyohbGRF28wHmlrs7cn
 3nBBbbgySDEKNLLjjvmHyK1bz0vjU8BHVv1XFEXqszuwnx76+eG3HIWAOBGMljOVo6GskC
 zVkZ2F9NZH2EWMx/ICLKuWtvnbgTGsf87w/srj0f9zHLdV+w/CGjbjgqA9yRMxW4SGsime
 FjLnGa099uP6fmnSb7rBNQAPMjp62XxwzdZbKIVaVpjOSVpAY8RhqnSZGZG2fjRn52oW2E
 mSdb8B6y/wtDjKnH7bIJk/0odk47zNeJIFjC3WyoANLZ86IpPmc0mKc7YrffYA==
X-Envelope-To: guix-devel@gnu.org
Date: Tue, 18 Jun 2024 09:19:16 -0400
X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and
 include these headers.
From: Juliana Sims <juli@incana.org>
Subject: Re: /run/setuid-programs via the Shepherd?
To: Felix Lechner <felix.lechner@lease-up.com>
Cc: guix-devel@gnu.org
Message-Id: <4C2AFS.1OWIL6GCQW823@incana.org>
In-Reply-To: <8734pbfs1r.fsf@lease-up.com>
References: <E12RES.PS0P8T47N5SE@incana.org> <8734pbfs1r.fsf@lease-up.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Received-SPF: pass client-ip=2001:41d0:1004:224b::b3;
 envelope-from=juli@incana.org; helo=out-179.mta0.migadu.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: guix-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org
Sender: guix-devel-bounces+larch=yhetil.org@gnu.org
X-Migadu-Flow: FLOW_IN
X-Migadu-Country: US
X-Migadu-Spam-Score: -6.56
X-Migadu-Scanner: mx12.migadu.com
X-Spam-Score: -6.56
X-Migadu-Queue-Id: 97FF833409
X-TUID: lCillT3bHVMs

Hi Felix,
> 
> ... we must hardcode some paths to /run/setuid-program/... as
> in this yet-to-be-accepted patch for OpenSMTPd. [1]
...

 > [1] https://issues.guix.gnu.org/71613

Oh, this is quite a tricky issue... I'm opposed to packaging software 
in Guix in such a way as to rely on the conventions of a system 
installation -- or even to assume what software a user chooses for 
their particular system installation -- because that undermines the 
core principles of statelessness and user freedom. I don't know enough 
about this problem to offer good solutions, honestly. For the 
aforementioned reasons, I don't think the Shepherd is the place to 
solve it. Or rather, if the problem is solved there (no reason it can't 
be), there will still need to be accomodations for those who don't want 
to rely on Shepherd.

> P.S. Your mail headers included "Reply-To: 
> 87plssoj2z.fsf@lease-up.com";
> I took the liberty to copy you on this message.

Thanks! I don't know how email headers work XD I subscribe to the 
guix-devel digest so when I want to respond to a particular message, I 
copy over the "to" and "cc" and "subject" manually and then I go grab 
the message ID of the particular message I'm replying to and put that 
in Geary's "reply to" field in the hopes of not breaking threading. 
Does this not work properly? (feel free to reply out-of-band if there's 
more to be said)

-Juli