From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id iNgPOs2FA2G7sAAAgWs5BA (envelope-from ) for ; Fri, 30 Jul 2021 06:53:33 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id CEC5Nc2FA2HVFwAAB5/wlQ (envelope-from ) for ; Fri, 30 Jul 2021 04:53:33 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id B3B1E5FA8 for ; Fri, 30 Jul 2021 06:53:32 +0200 (CEST) Received: from localhost ([::1]:51522 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m9KWZ-0007Yq-QD for larch@yhetil.org; Fri, 30 Jul 2021 00:53:31 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60004) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m98fa-0003R9-Dv for bug-guix@gnu.org; Thu, 29 Jul 2021 12:14:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:46548) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m98fa-00068Z-62 for bug-guix@gnu.org; Thu, 29 Jul 2021 12:14:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1m98fa-00020M-1n for bug-guix@gnu.org; Thu, 29 Jul 2021 12:14:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#49771: conflicting pam-limits-service and pam-mount-service-type Resent-From: muradm Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Thu, 29 Jul 2021 16:14:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 49771 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 49771@debbugs.gnu.org X-Debbugs-Original-To: bug-guix@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.16275752337681 (code B ref -1); Thu, 29 Jul 2021 16:14:01 +0000 Received: (at submit) by debbugs.gnu.org; 29 Jul 2021 16:13:53 +0000 Received: from localhost ([127.0.0.1]:58094 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1m98fQ-0001zp-Tt for submit@debbugs.gnu.org; Thu, 29 Jul 2021 12:13:53 -0400 Received: from lists.gnu.org ([209.51.188.17]:56434) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1m98fK-0001zb-6g for submit@debbugs.gnu.org; Thu, 29 Jul 2021 12:13:51 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59928) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m98fK-0003Gk-1G for bug-guix@gnu.org; Thu, 29 Jul 2021 12:13:46 -0400 Received: from mail-ed1-x536.google.com ([2a00:1450:4864:20::536]:44896) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m98fE-0005s2-2I for bug-guix@gnu.org; Thu, 29 Jul 2021 12:13:45 -0400 Received: by mail-ed1-x536.google.com with SMTP id j2so8898717edp.11 for ; Thu, 29 Jul 2021 09:13:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=muradm-net.20150623.gappssmtp.com; s=20150623; h=user-agent:from:to:subject:date:message-id:mime-version; bh=XWcwtG0Z7PrdjDMPde/AfYWMUerWAVX699C54DfCHMw=; b=00Wfbx73H7G/GnwlkqRQQv4tUpoP0uxfGZYFGvfcC7W9qbD8bWkbGu4OnGbJGk2rrU R8OxdeQ0HI0wFHEdc/QRwNGg1sdEGDvJJjVQeOq/+UWu4PCmrF80ce6jrjm7lXcPDffN SUoZe4cdBn4Hd5PkE2Mt0ITGB0YXTyrPFPf/nTu5PIbAaikuUK5cVYobb3sBIarm9qqq phq98qg1xZt2+DUdLJAtZz59mLFdHfAJaJe3F82OqpxOkZL4rTfJ0ZJDzhvmZ0i4PaOJ FcWtvOqFNxZBFBvtSup8AAC0e5KQ3LKBrKaWXNBopmEQNkD8A3YtpJlQKZeBNcUMlH2g ksAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:from:to:subject:date:message-id :mime-version; bh=XWcwtG0Z7PrdjDMPde/AfYWMUerWAVX699C54DfCHMw=; b=iBF6w/vz4+4xcm1J2ACUWjDZc+tITTExlU1c38pdfuNIxQJxVElzYU7YPPrGEzEcMV 6hbArLhcSz14qsWmLRPj5izc1YTrpzmURdth+7nInFtNXEHYmZpChMtDPSXsTbqMj6Px 6B30fdX2ndJrYoCxrhjkRubcwajbkSM44v8TtGFeL2xB9QgaN8+E7vNj0v5BiNe+6nDu tzg1Nzatu1aMaFwiK0+tdGtrtCfxqnRhL3yX6cffUg7IQBY4gYquY7yV/89NI+FjtflB rkqrx49XnJApcdfQjMlIn2Tj3niKWtNw793cF3Ru29HG8roojAaolZpek7KUP1jgVJ+H w9rw== X-Gm-Message-State: AOAM531nDZZzPg35Yl3IyLcK+pJ1Ls6nKqlF7pw5FQjrtLO7284RBtvy j/1gPr5DKA1mI8XDtzCDGzZ0kJCLuvnKpj8T X-Google-Smtp-Source: ABdhPJzjgZUFNz3hZtuoytIV2TT63uclfaiYddWWaVB7fw6h/Or6fqNpESo1iAKzsmtKOrIoJtcIDg== X-Received: by 2002:a05:6402:13d8:: with SMTP id a24mr6902036edx.158.1627575217457; Thu, 29 Jul 2021 09:13:37 -0700 (PDT) Received: from nomad-lp1 ([217.131.83.183]) by smtp.gmail.com with ESMTPSA id dg20sm1375142edb.13.2021.07.29.09.13.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Jul 2021 09:13:36 -0700 (PDT) User-agent: mu4e 1.4.15; emacs 28.0.50 From: muradm Date: Thu, 29 Jul 2021 19:13:34 +0300 Message-ID: <87v94tcd3l.fsf@muradm.net> MIME-Version: 1.0 Content-Type: text/plain; format=flowed Received-SPF: none client-ip=2a00:1450:4864:20::536; envelope-from=mail@muradm.net; helo=mail-ed1-x536.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Mailman-Approved-At: Fri, 30 Jul 2021 00:53:24 -0400 X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1627620813; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:list-id:list-help:list-unsubscribe:list-subscribe: list-post:dkim-signature; bh=XWcwtG0Z7PrdjDMPde/AfYWMUerWAVX699C54DfCHMw=; b=EY05++bvj/vF384QO4USGwUN/YKx+Dxzl/TZmIeeIrl/hfuLe8C8jDrDXSGqDQAyMorD49 aSz3+HTMI1QulFqsWOunianI/drGDeQZjgZi21y9Pob4+f3myzzeck2gQtPZclV7iGhaBs eenrR0PRXMIYb3Z6GR++bniWgqxs1OWTNzwrsiIpJuW8SK+l8KDpWjIaL9EAseQ/R//wU7 Eoz1bSRGxOOXujIa19ypTUXXt5Q7tIiZC8SlDaTZLIM67tgB/OfdwoeVwI/jSG3q7rhneS 5pKRiRY1Yvb06FGGaOpPizXKkGCcjIijU3HR/KiUndjP8GtYG9yNJUvHO8CCow== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1627620813; a=rsa-sha256; cv=none; b=b9eOhv3gurZEJE4WhmB+OPqkcvGiuLt7V/j6Gu02h1jdZYpmglb6krC5cabML2HiCDPAm9 85jqOPIG8XoR7DTRRUMn7qjRTo63PKYhbE/dr1DZb9LnjAf/uKAWQJ3SRbJnadeOxGbRg8 efrINxLUmLPoQhCiSmCXPlArnDm3gQgdvDcAcDqDr0fW4MrWGN6g8ALm+z1LmQS7PIAz0Z kJLSbgXXAhkJ8ehYz1HSa1LwEUuc6Nif8YbS/9rQEl9sGv0+1XTpT1x/vkyEfQguztJ3IM dd//Qn0LgJeXTUMdk2e7FtYky5VPzlWE4T0Nwfr5knkt8fU2x906HT+6YbuxPw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=muradm-net.20150623.gappssmtp.com header.s=20150623 header.b=00Wfbx73; dmarc=none; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Spam-Score: -1.41 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=muradm-net.20150623.gappssmtp.com header.s=20150623 header.b=00Wfbx73; dmarc=none; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: B3B1E5FA8 X-Spam-Score: -1.41 X-Migadu-Scanner: scn0.migadu.com X-TUID: 6ySd/oTRzgeA pam-limits-service and pam-mount-service-type are working when used only one of them. When both are present in list of (services, conflict hapens when guix system reconfigure is invoked. Digging the problem led to use of etc-service-type. pam-limits-service defines /etc/security/limits.conf in gnu/services/base.scm: (define pam-limits-service-type (let ((security-limits ;; Create /etc/security containing the provided "limits.conf" file. (lambda (limits-file) `(("security" ,(computed-file "security" #~(begin (mkdir #$output) (stat #$limits-file) (symlink #$limits-file (string-append #$output "/limits.conf")))))))) (pam-extension (lambda (pam) Basically, it says to etc-service-type i need "security" under "/etc" and uses mkdir to create it. pam-mount-service-type asks "security/pam_mount.conf.xml" from etc-service-type. (define (pam-mount-etc-service config) `(("security/pam_mount.conf.xml" ,(make-pam-mount-configuration-file config)))) When both pam-mount-service-type and pam-limits-service are defined in (services ...), if pam-mount-service-type is before pam-limits, guix system reconfigure fails with "Permission denied", if pam-limits is before then it is "File exists". I would suggest to fix gnu/services/base.scm so that pam-limits-services-type ask for "security/limits.conf" just like pam-mount-services-type does in order to avoid conflict. Currently, both pam-limits-service and pam-mount-service-type are not usable at the same time.