From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp10.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms9.migadu.com with LMTPS
	id IFbJAd1VTWQ2FQEASxT56A
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sat, 29 Apr 2023 19:37:33 +0200
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp10.migadu.com with LMTPS
	id IOa3AN1VTWSwIQEAG6o9tA
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sat, 29 Apr 2023 19:37:33 +0200
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id B1B9B857
	for <larch@yhetil.org>; Sat, 29 Apr 2023 19:37:32 +0200 (CEST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces@gnu.org>)
	id 1pso6C-0007Cl-8O; Sat, 29 Apr 2023 13:11:04 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pso6B-0007Bc-89
 for bug-guix@gnu.org; Sat, 29 Apr 2023 13:11:03 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pso6A-0001Ud-U6
 for bug-guix@gnu.org; Sat, 29 Apr 2023 13:11:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pso69-0008Bx-OV
 for bug-guix@gnu.org; Sat, 29 Apr 2023 13:11:01 -0400
X-Loop: help-debbugs@gnu.org
Subject: bug#63082: [PATCH 11/17] services: mpd: Warn when the MPD user is not
 in the "audio" group.
Resent-From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Sat, 29 Apr 2023 17:11:01 +0000
Resent-Message-ID: <handler.63082.B63082.168278825831479@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 63082
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: Liliana Marie Prikler <liliana.prikler@gmail.com>
Cc: 63082@debbugs.gnu.org
Received: via spool by 63082-submit@debbugs.gnu.org id=B63082.168278825831479
 (code B ref 63082); Sat, 29 Apr 2023 17:11:01 +0000
Received: (at 63082) by debbugs.gnu.org; 29 Apr 2023 17:10:58 +0000
Received: from localhost ([127.0.0.1]:36520 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1pso65-0008Bf-Re
 for submit@debbugs.gnu.org; Sat, 29 Apr 2023 13:10:58 -0400
Received: from mail-qt1-f181.google.com ([209.85.160.181]:47436)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1pso62-0008BS-W6
 for 63082@debbugs.gnu.org; Sat, 29 Apr 2023 13:10:56 -0400
Received: by mail-qt1-f181.google.com with SMTP id
 d75a77b69052e-3eef63eff7eso4828881cf.3
 for <63082@debbugs.gnu.org>; Sat, 29 Apr 2023 10:10:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20221208; t=1682788249; x=1685380249;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:from:to:cc:subject
 :date:message-id:reply-to;
 bh=lxgW9w8+Lym3v7l9Zx3tT3LQpPpSshz1BnOqyzqfAH0=;
 b=cGPF5UilmMoA2DW+LZrgLTBXHoWY4QFpU08QkCCzMeiCMjP/tTLxc0qbvHL1e44C33
 LxpLMxKtUYeMRWNHfHqWk/KP9mMSiMa4/BfIPGRIP8ZayUuavUhlY6r6UCIeOSrqGil+
 ezVOCfluoh+ZXD1Q0k7J0c1WzgU0nHgnI/QdjnFni7e2xmZH+Wl8xsDc5R9x9tfjBx+d
 WfpWCYOgJLoVhP0fh4V7uCTfjXt2yW8J0bk4o6uhPGtwp/3pjIpXXpyFbTYzHTlwhGUv
 yQz8t74g1gHAoAuJsTipLR2MPlplJM2vrR80ILw5xtChA/WXqqjtA6xq0S8znUEe8VBt
 gEvQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1682788249; x=1685380249;
 h=content-transfer-encoding:mime-version:user-agent:message-id
 :in-reply-to:date:references:subject:cc:to:from:x-gm-message-state
 :from:to:cc:subject:date:message-id:reply-to;
 bh=lxgW9w8+Lym3v7l9Zx3tT3LQpPpSshz1BnOqyzqfAH0=;
 b=A+GPT0kt8vvOWrsdgwvFB5/S+enBuI8dnRrGpCZpXmjDMfocfzLgV1HaupJFJMnGfM
 W/k9UTKcm6/MWP8Lr1SpPY4r6jlTPgGi7O6/iQ/Gcmp5AcBKsNGom6fgbulTmqTZ0OdG
 K5wIMM1HScG0YiKZ2ZPUEDUrM8tb5SgjvmRuAbCIhCoTrktOQGJVBF0Sit5svwFM8COg
 OLxdAGdvU2wITtFRsX1ykGd6+KwEZr1XnIMi2WREz/X1mBhrbT4KgcNFCoPxQ9q5r89C
 BoMuv8np41lsLsydVzGsjEuFApue2+AfUuZJZluz/+G9rzdBczufUZd8AI4ng5yoLMls
 Z1hA==
X-Gm-Message-State: AC+VfDxygi+TGhre9LPwjWza0yoY+c8hYylH0KzaTKwp0lGZFslCGBFw
 HZTO1vcTXXqQubVZgi2eKsqOLFymbPE=
X-Google-Smtp-Source: ACHHUZ61XbnYLFbodV9tdkO60l2dMUDDhbamk0aJiazEBc8EN6sSDo5/zlIvltoBSc/pEAjizp/myg==
X-Received: by 2002:ac8:7f8e:0:b0:3e3:7ce1:e73f with SMTP id
 z14-20020ac87f8e000000b003e37ce1e73fmr16912809qtj.53.1682788249301; 
 Sat, 29 Apr 2023 10:10:49 -0700 (PDT)
Received: from hurd (dsl-155-245.b2b2c.ca. [66.158.155.245])
 by smtp.gmail.com with ESMTPSA id
 f3-20020ac81343000000b003e3921077d9sm7936470qtj.38.2023.04.29.10.10.48
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 29 Apr 2023 10:10:48 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
References: <cover.1682690696.git.maxim.cournoyer@gmail.com>
 <a09179d50761b7bc10c9203172b16ea43911966f.1682690696.git.maxim.cournoyer@gmail.com>
 <20ba24c1173d4377731c70380e630076e88a4ef4.camel@gmail.com>
Date: Sat, 29 Apr 2023 13:10:47 -0400
In-Reply-To: <20ba24c1173d4377731c70380e630076e88a4ef4.camel@gmail.com>
 (Liliana Marie Prikler's message of "Sat, 29 Apr 2023 08:29:53 +0200")
Message-ID: <87r0s28vhk.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: bug-guix-bounces+larch=yhetil.org@gnu.org
X-Migadu-Country: US
X-Migadu-Flow: FLOW_IN
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1682789852; a=rsa-sha256; cv=none;
	b=iCXF4YTF8ydMm3Oj+NKYRiivcyqDD8j4zvykjjFcU0KaQsIcezAo/wPYz4abUoGsIYCc6K
	LjQCXq5kVDsunjfqc2kb9b4lv5DfjBuUG/SNr1hnQDzTOjpbYsyYGLRWVR55oVl3RQr85J
	mt9KAebLtkMu9TQy0w32DhsgBlBjoDT0OS/iXXXPO8GZ7xQo3OlauLvWJCvgMeItMLK5m+
	Kwiwus/Y0seZE4YBJ+AqqQmFCeoYWppHGM5mpj6AnGIq4Yjlzue9oqi6PP2ccGKRl4vC2u
	ef1VcuRacFdt5ZdQ4XLOt9HylP1+dD+ryMR4Gx14+Zu+S/s8vfm8Uv3WRDXGaA==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20221208 header.b=cGPF5Uil;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1682789852;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:resent-cc:
	 resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=lxgW9w8+Lym3v7l9Zx3tT3LQpPpSshz1BnOqyzqfAH0=;
	b=HxH9j4hmbWLJx1p/yh2JAU8Hg/GDTNJl4yEkmtuCsT8jHfNhYcgh/AvZbnvHCKX7v7oEN5
	FvcS9AHovts/QOLzX84kz7xjE8VdgN7WhfVaEzPc8Vc7jHbBvOO1U3sJyiTjSJLYrj0lxs
	op7JPHaCgU0M2QSC+971ZVO608u2qfhXwi8i2h3Ua7VkOwz46g6QEmmxndRsbq1TIu3YsT
	iTCqDCZJwA6tNwgtFlhu95ftzAP9YQ9Xlby80JX3lH8zGXidkE20C38EEPK/nnGkJlyrWx
	ihYMeHY7ko8LUA/DvhzKm3roOOgNXZIrqBug7hL2hW6fvYOykXSGorSPmMPu4g==
X-Migadu-Spam-Score: 0.19
X-Spam-Score: 0.19
X-Migadu-Queue-Id: B1B9B857
X-Migadu-Scanner: scn0.migadu.com
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20221208 header.b=cGPF5Uil;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
X-TUID: YQpgY4Vq7sdv

Hi Liliana,

Liliana Marie Prikler <liliana.prikler@gmail.com> writes:

> Am Freitag, dem 28.04.2023 um 10:27 -0400 schrieb Maxim Cournoyer:
>> Relates to <https://issues.guix.gnu.org>.
>>=20
>> * gnu/services/audio.scm (%mpd-user) [group]: Add comment.
>> (mpd-user-sanitizer): Warn if the MPD user is not in the audio group.
>> ---
>> =C2=A0gnu/services/audio.scm | 16 +++++++++++++---
>> =C2=A01 file changed, 13 insertions(+), 3 deletions(-)
>>=20
>> diff --git a/gnu/services/audio.scm b/gnu/services/audio.scm
>> index 550ccc542c..9579432ea3 100644
>> --- a/gnu/services/audio.scm
>> +++ b/gnu/services/audio.scm
>> @@ -30,6 +30,7 @@ (define-module (gnu services audio)
>> =C2=A0=C2=A0 #:use-module (gnu services configuration)
>> =C2=A0=C2=A0 #:use-module (gnu services shepherd)
>> =C2=A0=C2=A0 #:use-module (gnu services admin)
>> +=C2=A0 #:use-module (gnu system accounts)
>> =C2=A0=C2=A0 #:use-module (gnu system shadow)
>> =C2=A0=C2=A0 #:use-module (gnu packages admin)
>> =C2=A0=C2=A0 #:use-module (gnu packages mpd)
>> @@ -172,6 +173,8 @@ (define-maybe boolean (prefix mpd-))
>> =C2=A0(define %mpd-user
>> =C2=A0=C2=A0 (user-account
>> =C2=A0=C2=A0=C2=A0 (name "mpd")
>> +=C2=A0=C2=A0 ;; Being in the audio group ensures that PulseAudio can ac=
cess
>> sound
>> +=C2=A0=C2=A0 ;; devices.
>> =C2=A0=C2=A0=C2=A0 (group "audio")
>> =C2=A0=C2=A0=C2=A0 (system? #t)
>> =C2=A0=C2=A0=C2=A0 (comment "Music Player Daemon (MPD) user")
>> @@ -208,10 +211,17 @@ (define (mpd-serialize-port field-name value)
>> =C2=A0
>> =C2=A0(define-maybe port (prefix mpd-))
>> =C2=A0
>> -;;; Procedures for unsupported value types, to be removed.
>> -
>> +;;; Sanitizer procedures.
>> =C2=A0(define (mpd-user-sanitizer value)
>> -=C2=A0 (cond ((user-account? value) value)
>> +=C2=A0 (cond ((user-account? value)
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (match-record value <u=
ser-account>
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (group sup=
plementary-groups)
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (unless (o=
r (string=3D? "audio" group)
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (member "au=
dio" supplementary-groups))
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0 ;; Being in the "audio" group is necessary for access
>> to the
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0 ;; sound devices.
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0 (warning (G_ "mpd user not member of \"audio\"
>> group~%"))))
>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 value)
>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 ((string? value)
>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 (warning (G_ "str=
ing value for 'user' is deprecated, use \
>> =C2=A0user-account instead~%"))
> I think this check is "only" required when using alsa/pulseaudio for
> outputs and should be a hard error then.  When configured to write to
> httpd or null outputs, other checks are needed.

I agree, but then the check couldn't be made in a sanitizer and would
need to happen much later (in the start slot to ensure it runs at the
right time?).

I figured the current behavior, while not perfect, is better than the
later.

--=20
Thanks,
Maxim