From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:306:2d92::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id oJYaLHfU1GQ8/QAASxT56A (envelope-from ) for ; Thu, 10 Aug 2023 14:13:43 +0200 Received: from aspmx1.migadu.com ([2001:41d0:306:2d92::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id +OgCK3fU1GQ8jAAAG6o9tA (envelope-from ) for ; Thu, 10 Aug 2023 14:13:43 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 42C863FDDB for ; Thu, 10 Aug 2023 14:13:43 +0200 (CEST) Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=wolfsden.cz header.s=mail header.b=JJukDX7V; dkim=pass header.d=wolfsden.cz header.s=mail header.b=JJukDX7V; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=wolfsden.cz ARC-Seal: i=1; s=key1; d=yhetil.org; t=1691669623; a=rsa-sha256; cv=none; b=LtJEBGJUhWt1p/4L6ArKbN1SQSonhEmsk2iw3TiUre61/nZlq1rNjO82CDG6JxPJly9jGq yUMZxRympIWPd8zAiltlZVDVVqSETsuSR3n7phyAOHBB9wLM0Mm4gNuX6na395DEidBA8s MD5aBWIZFLXxDUZ6RnAU+251A/SLXiVk4Gfbkc13Xo0OjBr5cIFb2h6hYqPHTXLLBIO/6q aIrU3hwbwsyJL96/8X84wKqWoyrxXj9eXhBmwRSKRDP+Nhd/Ovbst5QhIcA5SzLXAgwUAO Ih7al6F++OGlTrImcsmKcxADTaxe4eNk9ZH+h09K91dRtZb9oY8eOZAcw1Y2uQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1691669623; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=xH+kAn/wvYLRJ0MVxK64RUM5wFIFW1+OiFqjkGsN6R8=; b=VsxeuNEPy9c8/7LiIgvv9oBOf/U9VyXRdrT2ucJEOeQvngdRKG3kdtUYGhxzvuu7kqNj/K +NNdxWJIXiXW9ud7Qil91guJT8l3FzVsGQYNKLJbBTcFRMTaAw7UIweKp582Ojr1sDUEJp KRqk/sE8QMt7GUyTGQU3yQRHR8Jk+Pfq+sbxaqd4GfmB/u98QXC10CFWgvgjQQdk2R/HSD bvEMOMEn3FYmEKUrgZTYf7T6diJQg4lJo4IJ01sg2W2d1XypQEylV0BJmWYLAGPaBhVd1z D/1mfxEvOLLfF1Q2tY2Zn/vlVQZBh8FJCCYwyTmeq70UAlchuPPh+aV++1ekWg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=wolfsden.cz header.s=mail header.b=JJukDX7V; dkim=pass header.d=wolfsden.cz header.s=mail header.b=JJukDX7V; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=wolfsden.cz Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qU4XR-0001wu-IH; Thu, 10 Aug 2023 08:13:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qU4XD-0001uq-8I for help-guix@gnu.org; Thu, 10 Aug 2023 08:12:59 -0400 Received: from wolfsden.cz ([37.205.8.62]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qU4XA-0004hP-DO for help-guix@gnu.org; Thu, 10 Aug 2023 08:12:59 -0400 Received: by wolfsden.cz (Postfix, from userid 104) id DB65126CE67; Thu, 10 Aug 2023 12:12:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1691669572; bh=M2V6W7g08+I80tI3LLJqLx1DmCB8r/iuzRSUDrFNKeo=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=JJukDX7V6V8HhFPz54dN2SHN5fNyUyiRre0U4kXdvGIov50W0rJ40Mmk461sz7R+C n+K3Z6tnSmwN0eLOwhmUoVKOA9SZHRWOC2cPT1rSFKzydSgc8O6EBVXtKKwaVuKG3b vMf8kOZ5MpXsFrnQUvaC/uCsbiKtl8Ax4kshfxOPilAoznw1HIh6UPe6OoK6HNctxK 2r4vFlirom+9QENisjh/v5UXGRMRrqj0IbCiVF9LIe5MixhZ2fBFg1skTVcOYctPcV QMyKSq5QQZ/JTqfACajDdgtBSkZ4BeufUjnId2SCIlF1TdDbfvDvOdf4WGUPy+Y5o6 qQhq0Bn0xdcwrb58fCIq0lbumj6kRPLmewiGptdPWsHuIx6U1unCBaslc43jGkbZbh loeYHecJMX0fqjb20pvywnmTFJ726JnY9U9gL5PpKbdtXBe6vwmePVbIvZoSdGl3vo ePvVyGL1cMH8SDANQH34ybiLLK8rt6CqM2p/sSCucbE7z+h/uqJ18C2YYFic/qEzIJ Ny5sopLy7NjFh5uby+ZqmdoR8UO4iumuHBDF3Qw6ZGShmIF5m6LC2MRkJTg0tDBa4Q JzuJYSVzNur/YAdafNiP3AkDD3aJNgXwT5YY/pQ63lOMqM1UD/NobZgY4Nzhc52C2w XSGPaRKHl4p4a5MPzYeunuVM= Received: from localhost (unknown [128.0.188.242]) by wolfsden.cz (Postfix) with ESMTPSA id 0E522271F88; Thu, 10 Aug 2023 12:12:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1691669572; bh=M2V6W7g08+I80tI3LLJqLx1DmCB8r/iuzRSUDrFNKeo=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=JJukDX7V6V8HhFPz54dN2SHN5fNyUyiRre0U4kXdvGIov50W0rJ40Mmk461sz7R+C n+K3Z6tnSmwN0eLOwhmUoVKOA9SZHRWOC2cPT1rSFKzydSgc8O6EBVXtKKwaVuKG3b vMf8kOZ5MpXsFrnQUvaC/uCsbiKtl8Ax4kshfxOPilAoznw1HIh6UPe6OoK6HNctxK 2r4vFlirom+9QENisjh/v5UXGRMRrqj0IbCiVF9LIe5MixhZ2fBFg1skTVcOYctPcV QMyKSq5QQZ/JTqfACajDdgtBSkZ4BeufUjnId2SCIlF1TdDbfvDvOdf4WGUPy+Y5o6 qQhq0Bn0xdcwrb58fCIq0lbumj6kRPLmewiGptdPWsHuIx6U1unCBaslc43jGkbZbh loeYHecJMX0fqjb20pvywnmTFJ726JnY9U9gL5PpKbdtXBe6vwmePVbIvZoSdGl3vo ePvVyGL1cMH8SDANQH34ybiLLK8rt6CqM2p/sSCucbE7z+h/uqJ18C2YYFic/qEzIJ Ny5sopLy7NjFh5uby+ZqmdoR8UO4iumuHBDF3Qw6ZGShmIF5m6LC2MRkJTg0tDBa4Q JzuJYSVzNur/YAdafNiP3AkDD3aJNgXwT5YY/pQ63lOMqM1UD/NobZgY4Nzhc52C2w XSGPaRKHl4p4a5MPzYeunuVM= Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id 14845316; Thu, 10 Aug 2023 12:12:51 +0000 (UTC) Date: Thu, 10 Aug 2023 14:12:51 +0200 From: wolf To: Hartmut Goebel Cc: help-guix Subject: Re: Putting a file into system image ~user/ but not on reconfigure Message-ID: Mail-Followup-To: Hartmut Goebel , help-guix References: <7310402d-a58e-e64e-97fb-48bdcef77b9b@crazy-compilers.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="JVQDSG9m/JsCeaei" Content-Disposition: inline In-Reply-To: <7310402d-a58e-e64e-97fb-48bdcef77b9b@crazy-compilers.com> Received-SPF: none client-ip=37.205.8.62; envelope-from=ws@wolfsnet.cz; helo=wolfsden.cz X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_HELO_PASS=-0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: help-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -8.97 X-Migadu-Scanner: mx2.migadu.com X-Migadu-Queue-Id: 42C863FDDB X-Spam-Score: -8.97 X-TUID: 0gmCXp1v03NW --JVQDSG9m/JsCeaei Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2023-08-10 00:11:55 +0200, Hartmut Goebel wrote: > Hi, >=20 > sorry for the hard to understand subject. >=20 > I need to put a file into a system image (into ~user) which will not be > recreated or touched when running "system reconfigure" later, even if > not existent. So this is some kind of "one-time service", removing > itself on first boot. >=20 > Any ideas how to do this? >=20 > (One could imagine some self-destructing script creating the file. > Anyhow AFAIK this script would be recreated on next "system > reconfigure". Als leaving some "script was run" marker is a bad option, > as removing the marker would recreate the file, which is to be > avoided.) I guess you could have a script that would use the existence of the key its= elf as a marker. In that case you would likely want to recreate it if the mark= er (key) got deleted, since the machine would be impossible to get into otherw= ise. It would run on every boot, but after the very first one it would not do anything. >=20 > Background: >=20 > I aim to create Vagrant boxes (machine templates) based on guix system > images. This works quite well so far, using image format qcow2, putting > the image and some simple files at the right place and the > vagrant-libvirt plugin for running the machine. Using a symlink I can > even avoid copying the boxes disk image out of the store =E2=80=94 vag= rant will > create a copy when creating a machine anyway. I do not have much experience with Vagrant, but I assumed the general idea = for these kind of systems declarative systems is to just recreate the when upda= tes are required. Is it expected to actually run guix reconfigure inside the V= M? >=20 > Now for vagrant being able to log into the machine when starting it > (and eventually "provision" the machine =3D execute some commands) box= es > are expected to include an "insecure ssh key" in > ~vagrant/.ssh/authorized_keys. Vagrant will replace this key by another > one when creating a machine. So this behavior is reasonable secure. >=20 > One possible solution I found (not yet tested and tools not yet in > guix) is to use one of the guestfstools ([1]https://libguestfs.org/) to > copy the file into the image. Anyhow this would require copying the box > out of the store to get a writable file. > -- > Regards > Hartmut Goebel >=20 > | Hartmut Goebel | [2]h.goebel@crazy-compilers.com = | > | [3]www.crazy-compilers.com | compilers which you thought are impossible= | >=20 > References >=20 > 1. https://libguestfs.org/ > 2. mailto:h.goebel@crazy-compilers.com > 3. http://www.crazy-compilers.com/ W. --=20 There are only two hard things in Computer Science: cache invalidation, naming things and off-by-one errors. --JVQDSG9m/JsCeaei Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEt4NJs4wUfTYpiGikL7/ufbZ/wakFAmTU1EMACgkQL7/ufbZ/ wak1vQ//T4KbtvnGHOLbdvXAuV8sX7+wIRsOxK7D+SP4sy6E3s79bsHj7bvxVEiQ HQ+46kkoZI4eYifSTdXUMQEy4GJkYeFt0tFEU+T1trHI+VISYV5MAyGoPGtPk6kg BcHG0OKr0vMMkZMxb9ub4TgZp3devnoSOYycG9Kmphu6R47wgcB3L7Px1xjLVY0Z RVsCmlGRR/hEtQWKmOPrwpLEVrRN17sxhiNWOIyFAwFYi3dzjqrbiJEyoeblzoKN 89uVddmh/sJ1XJep5e5u3rexVWCMMgc+jqKn4I/G7LhYp6i6S/B/AXTE1s3IuhqH E0gga0V+mSRaRxH4isq1Dvlr/pifLf2fu/IRFyId/EV4VmIAjbcTbqcHmPNNvgv9 JArVb+EvXQcbrfqVrMa//GQH7VdjcLmw8M5gXz2H4BiX2X9U/FYxDLVQJcQ3dcmF 4Vf5E+UEceAn9wpObIYS7i7zYZ79CZbV3p9ZWIYmoqj2WlkR7ZazVi9O22jdlZb0 rw8An4r3KqRYOPQXydcmMrFqaHt0PvoNP8d9r76rVBOQ+s+Djedwr3jhiLY0Vdeh d8Seg9qpkA/pxdpQFLJWGOWRZUEHolfG1eoMlvIqV6G0TdaprFNd3Cc3Hv2l2bkC tMX+2SbByR1ry6N5r04Lwp4orqt08jcJgGurl/J9TsK9vTw5N6A= =WogJ -----END PGP SIGNATURE----- --JVQDSG9m/JsCeaei--