From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id mHhZJ/sn72Ew7QAAgWs5BA (envelope-from ) for ; Mon, 24 Jan 2022 23:28:11 +0100 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id iAGiJPsn72GwBgAA9RJhRA (envelope-from ) for ; Mon, 24 Jan 2022 23:28:11 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 2A59E1F6F2 for ; Mon, 24 Jan 2022 23:28:11 +0100 (CET) Received: from localhost ([::1]:34608 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nC7oo-00085q-3r for larch@yhetil.org; Mon, 24 Jan 2022 17:28:10 -0500 Received: from eggs.gnu.org ([209.51.188.92]:38792) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nC7og-00085S-39 for guix-patches@gnu.org; Mon, 24 Jan 2022 17:28:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:53233) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nC7of-0006Ls-Q5 for guix-patches@gnu.org; Mon, 24 Jan 2022 17:28:01 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1nC7of-0000jf-Nm for guix-patches@gnu.org; Mon, 24 Jan 2022 17:28:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#53447] [PATCH] doc: Unset environment variables considered harmful Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 24 Jan 2022 22:28:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 53447 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Liliana Marie Prikler Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= , 53447@debbugs.gnu.org Received: via spool by 53447-submit@debbugs.gnu.org id=B53447.16430632302763 (code B ref 53447); Mon, 24 Jan 2022 22:28:01 +0000 Received: (at 53447) by debbugs.gnu.org; 24 Jan 2022 22:27:10 +0000 Received: from localhost ([127.0.0.1]:46136 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nC7np-0000iV-I9 for submit@debbugs.gnu.org; Mon, 24 Jan 2022 17:27:09 -0500 Received: from mail-qt1-f170.google.com ([209.85.160.170]:34434) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nC7nn-0000iG-Dx for 53447@debbugs.gnu.org; Mon, 24 Jan 2022 17:27:07 -0500 Received: by mail-qt1-f170.google.com with SMTP id c15so8867520qtv.1 for <53447@debbugs.gnu.org>; Mon, 24 Jan 2022 14:27:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version:content-transfer-encoding; bh=iuTOWwsuYRY0+8jT4vahbzBYoagwr0gQ9GBLxy/K1VQ=; b=gEhG7drM54fKWHM+KR4866Rpj4TMpVVH+LmC3mOBrXR0JE6DMEGxMHCqr6Rmh3olij ZcCdzBBTb6xdOrTeBEGNvdwhvzaDIfugrMHI/juWDGJSWehLHynhzcykgd2LKjGe3BnQ UU0JAk1P/AYJPN0GwCLjLxwXp6ydcR1xHjbPHE6YZblPACvNhnF5+H/mECAN9fKIlMHc ebTaqTnMrgWKJcKJ1HcXqhp6dz+6Zt1VLN4N8ILEAmF+rv8JEwe1NwSbBqsrFE4Qqjq3 BAYrFgVio3rsvzC/18RjZQxd1jTmfM/IDn3yXhsY7bsMqt/i3JpW7DGNcZidegRpqCyp JbUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version:content-transfer-encoding; bh=iuTOWwsuYRY0+8jT4vahbzBYoagwr0gQ9GBLxy/K1VQ=; b=Nu8fg1ZO1Te8AWLGH+MUg/KQDZPIsDod6Ne6bdXhM+a1WzguXkcfvERp7FPppqp1Eh tToz7x9o2+MtpUGiFs8x5x9ao0rxGs1axvjZErfDjjgrB4ToNAVpUE7IJ2hqrR225OO1 a3lK0PA+dzs/Ff+EVxl9kbuucBxaT/YZhJP6iBOeCUd/wKB4Q5q7yZLrvEIFqLJ39oQ8 L1BDvnaRCAcdhZJuYWyD33J70EJOPvAVRqBQiyj6hTCvYN4Vtq6z6U8tH3lUncFVxrkJ Nmx8bo7Fjb5SMpOvfaxyZLCoRNUOLHrAs6sssxpb2cqqESUSDKHD86JEcbSk2L76SfKb ESaA== X-Gm-Message-State: AOAM530jg/MoFa0v2SyhvH2BgfAnHU5jVgmauig928+V1Bl4BdsJ6tf3 BQctIDdYAihMU80/4Cei/KZkw/6yOUg= X-Google-Smtp-Source: ABdhPJwALfaCpGBcASFNtw2LdKXNZIPb+G7mpu6R55i4KdrlwG6voFdD5gXrN7D3Cf6n5psIkMxBzQ== X-Received: by 2002:ac8:5993:: with SMTP id e19mr14488266qte.500.1643063221789; Mon, 24 Jan 2022 14:27:01 -0800 (PST) Received: from hurd (dsl-205-233-125-146.b2b2c.ca. [205.233.125.146]) by smtp.gmail.com with ESMTPSA id h12sm7876131qkp.129.2022.01.24.14.27.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 24 Jan 2022 14:27:01 -0800 (PST) From: Maxim Cournoyer References: <875yqb21va.fsf@gnu.org> <19bb45159c0934e8d84035abdcfb00d8202233dd.camel@gmail.com> Date: Mon, 24 Jan 2022 17:27:00 -0500 In-Reply-To: <19bb45159c0934e8d84035abdcfb00d8202233dd.camel@gmail.com> (Liliana Marie Prikler's message of "Sat, 22 Jan 2022 18:53:02 +0100") Message-ID: <87y2344vnv.fsf_-_@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1643063291; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=iuTOWwsuYRY0+8jT4vahbzBYoagwr0gQ9GBLxy/K1VQ=; b=sq/Fm8V/8IEjcj0HMSZHLk/hxRntQ8VcYnwGVNY3AIYfZmHIYrJQmczAmYLz5jNHNpFsOX xvO3nbgKN8CKRQVgcuy1d0uiqm2Dq5a5CtWK7lU+xGCjzxICOI8kHYPSl6nNT6az/nc9+S P1x5ZxFz1fCPxi47sUkitvsnxTf1LAbQ45ojBG5kmeP7cGM2nCKP6xzGLH78FOvlEvByVk CE78dauCuH74Ugv2a+kgKcTJc77ol2Oc7FZZVGPxwi7C2tBwMlRhJ0K38xUrlWSH6wTzHG +fL6XZYWKtQThxJ8fMT14aynfgeWaDd4ItpfOh/PeaIIFSPdqo97lqY+r0ukVA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1643063291; a=rsa-sha256; cv=none; b=dwpBTVBFdYO6E6ns3k1k5nf1HvXlUT68j2B5D2I1KJ/re+mi6cWtWC3DOVa1VtFwbitkdc lwPX+FRF+vfm3CSTONwN3toug8mRmj4ApNXbAXVyesmdO8h4BdCgDZkdzyE/lKNBP914Hv yiKD8lciYf1zbd6EcqSco5wn9lmRG2BxygDcXbHDvfEAfdOUddEQCVuCyauTae5waKIgyO t2gXnz6sBYUXVKGNO9iJF8nnCyOuTrbEe051xvpL6jIf2/LD6BlvBmbPVQSVySyo0eDPPO x6je6LnstfNrCMSJPC8QBUZ69zi0Br1fy3dLR+5d2YNnZ4a+27pxdDTJvSp1dg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=gEhG7drM; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -2.03 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=gEhG7drM; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 2A59E1F6F2 X-Spam-Score: -2.03 X-Migadu-Scanner: scn1.migadu.com X-TUID: GujxihkTxAJu Hi Liliana and Ludo, Liliana Marie Prikler writes: > Hi Ludo, > > Am Samstag, dem 22.01.2022 um 17:04 +0100 schrieb Ludovic Court=C3=A8s: >> Hi Liliana, >>=20 >> Liliana Marie Prikler skribis: >>=20 >> > * doc/guix.texi (Application Setup): Add subsection for implicit >> > environment variables. >> > --- >> > =C2=A0doc/guix.texi | 27 +++++++++++++++++++++++++++ >> > =C2=A01 file changed, 27 insertions(+) >> >=20 >> > diff --git a/doc/guix.texi b/doc/guix.texi >> > index 912a8e3c5a..805e3b611f 100644 >> > --- a/doc/guix.texi >> > +++ b/doc/guix.texi >> > @@ -2023,6 +2023,33 @@ want to avoid auto-loading the Emacs >> > packages installed with Guix, you >> > =C2=A0can do so by running Emacs with the @option{--no-site-file} opti= on >> > =C2=A0(@pxref{Init File,,, emacs, The GNU Emacs Manual}). >> > =C2=A0 >> > +@subsection Implicit Environment Variables >> > + >> > +Many environment variables are defined in a way that assumes a >> > certain >> > +default value, even if unset.=C2=A0 For example, bash uses the current >> > +working directory as @env{PATH} if unset, or @env{XDG_CONFIG_HOME} >> > +expands to @file{$HOME/.config}.=C2=A0 Some of these defaults remain >> > the same >> > +whether a package is used through Guix or not---however, >> > environment >> > +variables referring to @file{/etc} or @file{/usr} typically have >> > their >> > +meaning subtly changed in Guix.=C2=A0 An application installed via Gu= ix >> > might >> > +instead look up files in its own @file{etc} structure, or (if a >> > +search-path was specified) even override the default for packages >> > from >> > +the foreign distro. >>=20 >> I think I miss some context: what concrete problem is this trying to >> solve?=C2=A0 What is it telling me to do? >>=20 >> I wonder to what extent this is actionable for a user, due to wording >> that leaves it up to the reader to figure out how this applies to >> them: >>=20 >> =C2=A0 =E2=80=9CMany environment variables=E2=80=9D >> =C2=A0 =E2=80=9Ca certain default value=E2=80=9D >> =C2=A0 =E2=80=9CSome of these=E2=80=9D >> =C2=A0 =E2=80=9CAn application installed via Guix might=E2=80=9D >> =C2=A0 =E2=80=9Cproblems coming from such implicitly defined=E2=80=9D >> =C2=A0 =E2=80=A6 >>=20 >> I think the =E2=80=9CApplication Setup=E2=80=9D section should be as con= crete as >> possible, with clear instructions (=E2=80=9CIf X then type Y=E2=80=9D), = possibly >> followed by explanations that curious readers can read and that >> others can skip. >>=20 >> WDYT? I initially thought it unnecessary and vague, but after reading the bug reports listed below, it seems to make sense to document it. And reading it now, that's probably the issue I encountered myself in https://issues.guix.gnu.org/53233. > I think there are too many examples to exhaustively list them all, but > to give an example, [1, 2, 3, 4] are all the same bug and in [2] Carlo > said we should document this under "Application Setup". My personal > stance is that the Guix behaviour is not a bug and other distros are > weird for not explicitly binding it. I like to see this as a bug, so I've opened one as 53514; Guix should strive to not mess with the host environment, and setting global variables used by both Guix and a potentially foreign host goes against this. The proper fix would be to patch all applications in Guix to use Guix-specific variables, such as GUIX_XDG_DATA_DIRS instead of XDG_DATA_DIRS. > I know my wording is not the best here, but "If X then Y" is a little > too late when your session broke. But if your session broke and you > read the manual saying "blah blah unset environment variables evil", > you are more likely to suspect "hmm, maybe evil environment variables > were evil". Fortunately, with distros trying out Flatpaks and Snaps, > XDG_DATA_DIRS is less likely to break them, but still. We never know > which variable will be the next to blow things up. Agreed that this is useful in the meantime. Perhaps add a TODO comment pointing to the bug I've opened. Thank you, Maxim