From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id yJ8NIfoqVWYXNwEAe85BDQ:P1 (envelope-from ) for ; Tue, 28 May 2024 02:53:14 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id yJ8NIfoqVWYXNwEAe85BDQ (envelope-from ) for ; Tue, 28 May 2024 02:53:14 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=R8CBBezp; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1716857594; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=fN3pkTcqdoCa4TNO8NX5cs1ds5qL+kvXJzsRq5OOWzE=; b=InnnFXcRe0rWtLE6NHmsBUvoU9xn6CYPJ69OmmjdQSpr1oeGcWOfywqCZhfn9fQEd0s7sI Vt19sPnPzXk6JOIrfS6P6nxxZubOm9YJ9RlzK/pHqPuEW7fMj4yxHklToZcrEblp1zpZwj udg+QjmHHiI9Md75EAvN1Hv5ReAhTZ9a2Df2qQ2DBTBldKkxxgOBoeWQJKL9J2DmceYR2Z 8nMWpn7axOl3MWMidMlf+grYT2HtzxfHgw+MzKf9QOwwa5OI2j5rqyKu/KbBJamz0KUmJl jDi0biFoJvfkfhyaodXuyUnXCR07iLWJgn0Rkn4hLW0+iZwV4Dx9mY/ENTMUyw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=R8CBBezp; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=key1; d=yhetil.org; t=1716857594; a=rsa-sha256; cv=none; b=uqQD+PqbO9dNZoXt6CbieGBmBpz4vqUoVRsMyzRX6TvlcdDefWOCL+9XqwiDqyBL7lBkhB 33JHjn6hx7TA59BQmEH7KhL9TWmrVsn1qSwijuZ9/jyb8HH4Kafo3GDiat5wt6NqQCZOVf 84SBQzALEgZOS2H/AYwT3COC0ieIZ+VgzRIZs5TPY/VIohtohY2CAZm3L/z+7qbaTUdaeH waK3ZENCQxCwl4C43tKjogQ8IxeBL6YTAq/Dlm8jrYZn9PBDLGFySv+QAgKZ1GIDPl6CD5 1V1L1cL5n2AfsXuV/YFzxqtRcdvDcoNAp8r1z/ZfS5abgCoFYRQwQosgUg8rVA== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 5372C7E412 for ; Tue, 28 May 2024 02:53:14 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sBl53-00034N-B0; Mon, 27 May 2024 20:52:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sBl51-00034D-OO for guix-devel@gnu.org; Mon, 27 May 2024 20:52:43 -0400 Received: from mail-ot1-x32f.google.com ([2607:f8b0:4864:20::32f]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sBl4y-0003Qd-2V for guix-devel@gnu.org; Mon, 27 May 2024 20:52:43 -0400 Received: by mail-ot1-x32f.google.com with SMTP id 46e09a7af769-6f12ed79fdfso190830a34.0 for ; Mon, 27 May 2024 17:52:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1716857558; x=1717462358; darn=gnu.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=fN3pkTcqdoCa4TNO8NX5cs1ds5qL+kvXJzsRq5OOWzE=; b=R8CBBezpvPn1Kp2SDUW7cZlgZdiAdONSK+Aez0nz0sdpg2yheppKqUtYiisiNylea1 envfChHa63doe8NC4j0ZwV3wl2rct88mPKJM+MmbdcBQ44YK15QR/3J2CKwy0WfpEoEr pVGgMa4HCs2fAE17DNZmov3Kz6DFrIT/l5bzGQesRFGJuFVK9EAVkWoK/ErhRTlRDIYg I8VLgCu0vrj2eXQ5/jHHkqLY8Nt+icllu+n/Sh1KecTUCkPIR5UMNkI0p48TkM4+H9tl QRpza/CUV+BT5v/qb43AJlL7aeFS17w0a6bkr3MTqOVWSvwibfxvw4h/uVy/F+B/0Lbm dBCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1716857558; x=1717462358; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=fN3pkTcqdoCa4TNO8NX5cs1ds5qL+kvXJzsRq5OOWzE=; b=WU/LwO9gzokP60uMHuHlw0yk5yhbjsLUbEB9OIs5lfcXd84fGilSMggIAU+clVLVk5 kNZe7xwD0KV9yjyES5UXFvgLjvu1Zoa+msAqfjNdVmIJ+Y3me8g1JV6JkJ7Qo5uqcQ0h er/gs4a3N/eFVos78/f9caCSvqN3b1juLsqAZXbpvrA4hpmo0L/blEk08R8Ox2h5DYJG SJxfdHa7Xwhz87df6zKys92aQIsBBcVxFNT+2FUczXJGjEGIrfVAK/Xad5xgs+HChmDF glDh7RAegE4MfXhV8YWRj7kIxADsaTDSOuuwEWrEgqfgAjDYWJQUP0RrEot3kHZ+cxH+ 8pzw== X-Forwarded-Encrypted: i=1; AJvYcCXm+ZfYFr9D3gPkha7/zdQXl2kN+e03r6mrR8uBNyfyG7eF2TY+mCesbRmOqm0/96WprcHHSlOQHRSUJ9Te7nLRFPc= X-Gm-Message-State: AOJu0YxWFDTMylWNhhQQhF5PHZAntuYvvi0io714ouNYH5y8vSsawkds v3gPbdiO8HkSG9kGnxinVzCIfmDXcr1zIqiCcbNe8EhsVLmXG2QZ9ldq+ttXW5FJWiMNPNECYJf sitti++Uot/xrYpHLJlEf6nMokk0= X-Google-Smtp-Source: AGHT+IHZPYK5T8e9+HOY3BtqxKC7mgBmqPZz2iplm6PKLJv/PYkxcnnwSeIKZdK/D6W/vCFnrTHVSFK1U1OH7wR+FTw= X-Received: by 2002:a05:6870:b608:b0:22a:4f07:13cc with SMTP id 586e51a60fabf-24ca123caeamr11991456fac.33.1716857558058; Mon, 27 May 2024 17:52:38 -0700 (PDT) MIME-Version: 1.0 From: Nathan Dehnel Date: Mon, 27 May 2024 19:52:27 -0500 Message-ID: Subject: watchdog triggered auto-rollback To: raingloom , guix-devel@gnu.org Content-Type: text/plain; charset="UTF-8" Received-SPF: pass client-ip=2607:f8b0:4864:20::32f; envelope-from=ncdehnel@gmail.com; helo=mail-ot1-x32f.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Spam-Score: -9.65 X-Migadu-Queue-Id: 5372C7E412 X-Migadu-Scanner: mx10.migadu.com X-Migadu-Spam-Score: -9.65 X-TUID: uAGCe1VDw9a+ >Would others find this useful? I would 100% use this. >Where in the stack would this be solved? I think there's two places for rollbacks with two different purposes GRUB: https://www.gnu.org/software/grub/manual/grub/html_node/fallback.html GRUB supports falling back to another boot entry if the machine fails to boot. This could be integrated with guix so GRUB falls back to a previous guix system generation. This covers the case of "we can't start a watchdog service because the system won't boot". SSH watchdog: a shepherd service that tests SSH connectivity, and then executes "guix system roll-back && reboot". SSH access is a rough approximation for "the system is working", as kernel, init, and all manner of networking services, DHCP, DNS, VPN, etc. must work for SSH to work. And if SSH works then it provides a means for a user to fix their system anyways.