From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Subject: bug#36785: Impossible to pull on foreign distro Date: Wed, 18 Sep 2019 00:03:01 +0200 Message-ID: <87woe6fune.fsf@gnu.org> References: <6733C9AB-E5C1-4B63-8F0E-04CD1BB32338@lepiller.eu> <874l39ra37.fsf@gnu.org> <3DC355B8-FE36-4C4E-BBC9-EEC5F580AF0D@lepiller.eu> <87tvb9qktd.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:40218) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iALZs-0004ZW-Az for bug-guix@gnu.org; Tue, 17 Sep 2019 18:04:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iALZq-0000qO-Es for bug-guix@gnu.org; Tue, 17 Sep 2019 18:04:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:44576) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iALZq-0000qC-6b for bug-guix@gnu.org; Tue, 17 Sep 2019 18:04:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1iALZq-0000km-1O for bug-guix@gnu.org; Tue, 17 Sep 2019 18:04:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <87tvb9qktd.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Fri, 26 Jul 2019 10:09:02 +0200") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Julien Lepiller Cc: 36785@debbugs.gnu.org Hi, Ludovic Court=C3=A8s skribis: > Indeed. I added =E2=80=98pk=E2=80=99 calls to print =E2=80=98%profile-di= rectory=E2=80=99 and > (canonicalize-profile %user-profile-directory), and here=E2=80=99s what I= see > with =E2=80=98sudo=E2=80=99: > > $ sudo -E ./pre-inst-env guix pull > > ;;; (pd "/var/guix/profiles/per-user/root") > > ;;; (upd "/home/ludo/.config/guix/current") I used =E2=80=98-E=E2=80=99 above, which is why HOME was ~ludo instead of ~= root. Without =E2=80=98-E=E2=80=99, HOME is ~root as expected, and so =E2=80=9Csu= do guix pull=E2=80=9D does the right thing (this is on Guix System): --8<---------------cut here---------------start------------->8--- $ sudo guix repl GNU Guile 2.2.4 Copyright (C) 1995-2017 Free Software Foundation, Inc. Guile comes with ABSOLUTELY NO WARRANTY; for details type `,show w'. This program is free software, and you are welcome to redistribute it under certain conditions; type `,show c' for details. Enter `,help' for help. scheme@(guix-user)> (getenv "HOME") $1 =3D "/root" scheme@(guix-user)> ,m(guix scripts pull) scheme@(guix scripts pull)> %profile-directory $2 =3D "/var/guix/profiles/per-user/root" scheme@(guix scripts pull)> %user-profile-directory $3 =3D "/root/.config/guix/current" scheme@(guix scripts pull)> (cache-directory) $4 =3D "/root/.cache/guix" scheme@(guix scripts pull)> (config-directory) $5 =3D "/root/.config/guix" --8<---------------cut here---------------end--------------->8--- So =E2=80=98sudo guix pull=E2=80=99 really updates root=E2=80=99s profile a= nd writes to ~root/.cache, everything is fine. Done? I investigated a bit, tried Debian, then Ubuntu, and found that =E2=80=98su= do=E2=80=99 on Ubuntu behaves differently: it preserves =E2=80=98HOME=E2=80=99 by defau= lt: $ sudo env | grep HOME HOME=3D/home/ubuntu This is written here: https://help.ubuntu.com/community/RootSudo#Special_notes_on_sudo_and_shel= ls (That=E2=80=99s with sudo 1.8.21p2, FWIW.) Ubuntu=E2=80=99s /etc/sudoers doesn=E2=80=99t have anything special. Actua= lly, Debian has (almost) the same /etc/sudoers and yet it does not preserve HOME. (Time passes=E2=80=A6) Digging further, I fetched the source from , and boom! I found the culprit: it=E2=80=99s called =E2=80=98debian/patches/keep_home_by_default.p= atch=E2=80=99. --8<---------------cut here---------------start------------->8--- Description: Set HOME in initial_keepenv_table Set HOME in initial_keepenv_table; without this, $HOME will never be=20 preserved unless added to keep_env. There's appropriate logic to handle resetting the home for -H and -i options, so this is the only part that's missing. Author: Steve Langasek --- a/plugins/sudoers/env.c +++ b/plugins/sudoers/env.c @@ -189,6 +189,7 @@ "COLORS", "DISPLAY", "DPKG_COLORS", + "HOME", "HOSTNAME", "KRB5CCNAME", "LS_COLORS", --8<---------------cut here---------------end--------------->8--- (This patch is playing with fire IMO. If you=E2=80=99re an Ubuntu user, consider reporting a bug!) But anyway, what can we do? We could ignore the issue, it=E2=80=99s-Ubuntu=E2=80=99s-fault, done. We could also add some logic to detect whether (1) we=E2=80=99re running un= der sudo, and in that case, and whether (2) $HOME matches $USER=E2=80=99s home directory as it appears in /etc/passwd. If both conditions are satisfied, we could ignore $HOME and use the home directory from /etc/passwd instead. But=E2=80=A6 that=E2=80=99s complicated, and it=E2=80=99d break uses of =E2= =80=98sudo -H=E2=80=99. We could apply the patch I posted earlier, which simply disables profile migration when SUDO_USER is set. That won=E2=80=99t address the fact that = root writes to the user=E2=80=99s ~/.cache, but there=E2=80=99s not much we can = do here. Thoughts? Ludo=E2=80=99.