From: ludo@gnu.org (Ludovic Courtès)
To: Leo Famulari <leo@famulari.name>
Cc: help-guix@gnu.org
Subject: Re: Starting user services at boot
Date: Mon, 13 Feb 2017 15:01:48 +0100
Message-ID: <87a89qfaur.fsf@gnu.org>
In-Reply-To: <20170213123743.ngvpeu4iscadyrwr@wasp> (ng0's message of "Mon, 13 Feb 2017 12:37:44 +0000")

ng0 <contact.ng0@cryptolab.net> wrote:

> On 17-02-13 10:30:10, Ludovic Courtès wrote:
>> Hi Leo!
>> 
>> Leo Famulari <leo@famulari.name> wrote:
>> 
>> > Does anyone have advice about how to start an unprivileged user's
>> > services when the system boots?
>> >
>> > On other systems, I could at least invoke them in /etc/rc.local, but I'm
>> > not sure how to do it on GuixSD.
>> 
>> Currently I run shepherd as myself, which reads from
>> ~/.config/shepherd/init.scm.  It gets started from my ~/.xsession.
>> 
>> Admittedly this is a bit of a hack.  It wouldn’t be hard to define
>> per-user Shepherd instances as global Shepherd services in GuixSD, if
>> you see what I mean.
>> 
>> Another option would be to add support for this directly in the
>> Shepherd, which has pros and cons.
>
> What are the pros and cons from your point of view, could you explain this?

The downside is that it would make the Shepherd more complex: it would
have to have a built-in notion of user instances, even though it is not
designed specifically to run as PID 1 initially (you can use it as an
unprivileged user already).

Another downside is that /var/run/shepherd/socket may need to be
accessible to users so they can talk to PID 1.  More generally, there’d
need to be some way to prevent unprivileged users from doing things like
running arbitrary code in PID 1.

The upside would be better integration: if shepherd knows about user
services, then it can show them in ‘herd status’, things like that.

(There’s a similar trade-off for the recently-added support for services
running in containers.)

Thanks,
Ludo’.
