From: Chris Marusich <cmmarusich@gmail.com>
To: "Clément Lassieur" <clement@lassieur.org>
Cc: 30728@debbugs.gnu.org
Subject: bug#30728: guix-install.sh doesn't work if run with "sudo"
Date: Tue, 27 Mar 2018 18:08:40 +0200 [thread overview]
Message-ID: <87k1txwlfb.fsf@gmail.com> (raw)
In-Reply-To: <87lgedx4qf.fsf@lassieur.org> ("Clément Lassieur"'s message of "Tue, 27 Mar 2018 11:11:36 +0200")
[-- Attachment #1.1: Type: text/plain, Size: 1704 bytes --]
Clément Lassieur <clement@lassieur.org> writes:
> Ricardo Wurmus <rekado@elephly.net> writes:
>
>> Clément Lassieur <clement@lassieur.org> writes:
>>
>>>> The manual says (see: (guix) Binary Installation):
>>>>
>>>> 3. Make ‘root’’s profile available under ‘~/.guix-profile’:
>>>>
>>>> # ln -sf /var/guix/profiles/per-user/root/guix-profile \
>>>> ~root/.guix-profile
>>>
>>> I think the manual is wrong here. This only makes sense if the user is
>>> 'root'. Otherwise, the user would expect Guix to be installed in their
>>> home, not in root's home.
>>
>> Step 2 says “As root, run: […]”. “~root” resolves to “/root”, not to
>> “$HOME/root”, so it even works when run as a regular user.
>>
>> The manual seems correct to me and this is what the script aims to
>> implement.
>
> But ~/.guix-profile may resolve to /home/user/.guix-profile. So it
> should be ~root/.guix-profile instead of ~/.guix-profile.
Ah, I think I now see the cause of our miscommunication.
It's possible to interpret the manual's use of ~ and $HOME to mean "the
unprivileged user's home directory", instead of "root's home directory".
I think that's a mistake in the manual, since the "ln" clearly makes
root's profile available under root's home directory, and the step
involving $HOME doesn't make sense unless $HOME expands to root's home
directory.
I've updated my patch; it now also changes the following line...
3. Make ‘root’’s profile available under ‘~/.guix-profile’:
...to this:
3. Make ‘root’’s profile available under ‘~root/.guix-profile’:
How does that sound?
--
Chris
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0001-guix-install.sh-Explicitly-set-root-s-home-directory.patch --]
[-- Type: text/x-patch, Size: 4648 bytes --]
From 8e23b7ee5a3b5c600fcd5e29f08458f33cf37c66 Mon Sep 17 00:00:00 2001
From: Chris Marusich <cmmarusich@gmail.com>
Date: Sun, 25 Mar 2018 06:47:42 +0200
Subject: [PATCH] guix-install.sh: Explicitly set root's home directory.
* etc/guix-install.sh (ROOT_HOME): New variable.
(sys_create_store, sys_enable_guix_daemon, sys_authorize_build_farms):
Use ROOT_HOME instead of ~root or the HOME environment variable.
* doc/guix.texi (Binary Installation): Instead of assuming that ~ and
$HOME refer to root's directory simply because commands are being run
as root, explicilty refer to it via ~root.
Fixes: <https://bugs.gnu.org/30728>
---
doc/guix.texi | 4 ++--
etc/guix-install.sh | 19 ++++++++++++-------
2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 49b3dd10d..aab3a7273 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -471,7 +471,7 @@ archive content is independent of its creation time, thus making it
reproducible.
@item
-Make @code{root}'s profile available under @file{~/.guix-profile}:
+Make @code{root}'s profile available under @file{~root/.guix-profile}:
@example
# ln -sf /var/guix/profiles/per-user/root/guix-profile \
@@ -482,7 +482,7 @@ Source @file{etc/profile} to augment @code{PATH} and other relevant
environment variables:
@example
-# GUIX_PROFILE=$HOME/.guix-profile ; \
+# GUIX_PROFILE="`echo ~root`/.guix-profile" ; \
source $GUIX_PROFILE/etc/profile
@end example
diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index 933492a33..78cd7580b 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -50,6 +50,11 @@ DEBUG=0
GNU_URL="https://alpha.gnu.org/gnu/guix/"
OPENPGP_SIGNING_KEY_ID="3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
+# This script needs to know where root's home directory is. However, we
+# cannot simply use the HOME environment variable, since there is no guarantee
+# that it points to root's home directory.
+ROOT_HOME="$(echo ~root)"
+
# ------------------------------------------------------------------------------
#+UTILITIES
@@ -264,9 +269,9 @@ sys_create_store()
_msg "${INF}Linking the root user's profile"
ln -sf /var/guix/profiles/per-user/root/guix-profile \
- ~root/.guix-profile
+ "${ROOT_HOME}/.guix-profile"
- GUIX_PROFILE="${HOME}/.guix-profile"
+ GUIX_PROFILE="${ROOT_HOME}/.guix-profile"
source "${GUIX_PROFILE}/etc/profile"
_msg "${PAS}activated root profile at /root/.guix-profile"
}
@@ -316,13 +321,13 @@ sys_enable_guix_daemon()
case "$INIT_SYS" in
upstart)
{ initctl reload-configuration;
- cp ~root/.guix-profile/lib/upstart/system/guix-daemon.conf \
+ cp "${ROOT_HOME}/.guix-profile/lib/upstart/system/guix-daemon.conf" \
/etc/init/ &&
start guix-daemon; } &&
_msg "${PAS}enabled Guix daemon via upstart"
;;
systemd)
- { cp ~root/.guix-profile/lib/systemd/system/guix-daemon.service \
+ { cp "${ROOT_HOME}/.guix-profile/lib/systemd/system/guix-daemon.service" \
/etc/systemd/system/;
chmod 664 /etc/systemd/system/guix-daemon.service;
systemctl daemon-reload &&
@@ -332,7 +337,7 @@ sys_enable_guix_daemon()
;;
NA|*)
_msg "${ERR}unsupported init system; run the daemon manually:"
- echo " ~root/.guix-profile/bin/guix-daemon --build-users-group=guixbuild"
+ echo " ${ROOT_HOME}/.guix-profile/bin/guix-daemon --build-users-group=guixbuild"
;;
esac
@@ -352,9 +357,9 @@ sys_authorize_build_farms()
while true; do
read -p "Permit downloading pre-built package binaries from the project's build farms? (yes/no) " yn
case $yn in
- [Yy]*) guix archive --authorize < ~root/.guix-profile/share/guix/hydra.gnu.org.pub &&
+ [Yy]*) guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/hydra.gnu.org.pub" &&
_msg "${PAS}Authorized public key for hydra.gnu.org";
- guix archive --authorize < ~root/.guix-profile/share/guix/berlin.guixsd.org.pub &&
+ guix archive --authorize < "${ROOT_HOME}/.guix-profile/share/guix/berlin.guixsd.org.pub" &&
_msg "${PAS}Authorized public key for berlin.guixsd.org";
break;;
[Nn]*) _msg "${INF}Skipped authorizing build farm public keys"
--
2.15.1
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
next prev parent reply other threads:[~2018-03-27 16:09 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <87zi3lh6mb.fsf@lassieur.org>
2018-03-23 13:20 ` bug#30728: guix-install.sh doesn't work if run with "sudo" Clément Lassieur
2018-03-25 5:16 ` Chris Marusich
2018-03-26 8:05 ` Clément Lassieur
2018-03-26 9:18 ` Marius Bakke
2018-03-27 7:46 ` Ricardo Wurmus
2018-03-27 9:11 ` Clément Lassieur
2018-03-27 16:08 ` Chris Marusich [this message]
2018-03-28 19:24 ` Ricardo Wurmus
2018-03-29 5:07 ` Chris Marusich
2018-03-29 8:26 ` Clément Lassieur
2018-03-29 7:48 ` Clément Lassieur
2018-03-29 10:07 ` Ricardo Wurmus
2018-03-30 22:07 ` Clément Lassieur
2018-03-29 8:04 ` Clément Lassieur
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87k1txwlfb.fsf@gmail.com \
--to=cmmarusich@gmail.com \
--cc=30728@debbugs.gnu.org \
--cc=clement@lassieur.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.