From: Bruno Victal <mirai@makinata.eu>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Cc: 63082@debbugs.gnu.org
Subject: bug#63082: [PATCH v3 10/16] services: mpd: Let Shepherd effect the user/group change.
Date: Wed, 24 May 2023 17:41:23 +0100 [thread overview]
Message-ID: <aa58f421-0e51-5a17-865e-031ec7b5724c@makinata.eu> (raw)
In-Reply-To: <5c6d38ec1621cf031175df6e05c027285d0acaae.1683299529.git.maxim.cournoyer@gmail.com>
On 2023-05-05 19:29, Maxim Cournoyer wrote:
> Relates to <https://issues.guix.gnu.org/63082>.
>
> Quoting a MPD developer, regarding MPD's feature to switch user itself:
> "that's legacy for the dark ages when proper service managers did not exist"
> :-).
>
> * gnu/services/audio.scm (mpd-serialize-user-account)
> (mpd-serialize-user-group): Delete procedures.
> * gnu/services/audio.scm (mpd-configuration) [user]: Do not serialize.
> [group]: Likewise.
> (mpd-shepherd-service): Provide the #:user, #:group and #:supplementary-groups
> arguments.
> (mympd-shepherd-service): Likewise, and remove the '--user' argument.
> * doc/guix.texi (Audio Services): Update doc.
> (mympd-configuration) [port]: Change default value to 8080.
> [ssl-port]: Change default value to 443.
> * gnu/tests/audio.scm (run-mympd-test): Adjust accordingly.
> ---
> doc/guix.texi | 12 +++++-----
> gnu/services/audio.scm | 52 +++++++++++++++++++++++++-----------------
> gnu/tests/audio.scm | 4 ++--
> 3 files changed, 39 insertions(+), 29 deletions(-)
This contains a submarine change that isn't easily spotted from the
commit message, that mympd is getting its default port changed and that
it can no longer bind to privileged ports, since although mympd can
start as root in order to bind to possibly privileged ports, it will
explicitly refuse to continue running as root afterwards.
I think we can have shepherd effect for mympd, but only if (and after)
shepherd gets support for POSIX capabilities (CAP_NET_BIND_SERVICE) or
a suitable way to specify that “yes, the program invoked by the service
should have CAP_NET_BIND_SERVICE” is provided.
--
Furthermore, I consider that nonfree software must be eradicated.
Cheers,
Bruno.
next prev parent reply other threads:[~2023-05-24 16:42 UTC|newest]
Thread overview: 105+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-26 2:58 bug#63082: mpd defaul configuration does not work ('No database' error) Maxim Cournoyer
2023-04-26 3:11 ` Maxim Cournoyer
2023-04-26 18:28 ` Liliana Marie Prikler
2023-04-28 14:26 ` bug#63082: [PATCH 00/17] Improve out-of-the-box experience with mpd-service-type Maxim Cournoyer
2023-04-28 14:26 ` bug#63082: [PATCH 01/17] services: mpd: Add an 'update' action to trigger a database update Maxim Cournoyer
2023-04-28 14:26 ` bug#63082: [PATCH 02/17] services: mpd: Streamline mpd-user-sanitizer and mympd-user-sanitizer Maxim Cournoyer
2023-04-28 14:26 ` bug#63082: [PATCH 03/17] services: mpd: Rename %set-user-group to set-user-group Maxim Cournoyer
2023-04-28 14:26 ` bug#63082: [PATCH 04/17] services: mpd: Obsolete the 'group' field Maxim Cournoyer
2023-04-28 21:50 ` Bruno Victal
2023-04-29 1:15 ` Maxim Cournoyer
2023-04-29 12:12 ` Bruno Victal
2023-04-29 17:12 ` Maxim Cournoyer
2023-04-29 6:26 ` Liliana Marie Prikler
2023-04-29 6:35 ` Liliana Marie Prikler
2023-04-29 17:09 ` Maxim Cournoyer
2023-04-29 17:16 ` Maxim Cournoyer
2023-04-29 22:07 ` Liliana Marie Prikler
2023-05-01 1:07 ` Maxim Cournoyer
2023-05-01 6:13 ` Liliana Marie Prikler
2023-05-03 1:53 ` Maxim Cournoyer
2023-04-28 14:26 ` bug#63082: [PATCH 05/17] services: mpd: List log-level in decreasing verbosity order in doc Maxim Cournoyer
2023-04-28 14:26 ` bug#63082: [PATCH 06/17] services: mympd: Fix log file name Maxim Cournoyer
2023-04-28 21:53 ` Bruno Victal
2023-04-29 1:49 ` Maxim Cournoyer
2023-04-29 1:56 ` Bruno Victal
2023-04-28 14:27 ` bug#63082: [PATCH 07/17] services: mpd: Log to syslog by default Maxim Cournoyer
2023-04-28 22:02 ` Bruno Victal
2023-04-29 16:06 ` Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 08/17] services: mpd: Only rotate log when a log file is specified Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 09/17] services: mpd: Let Shepherd effect the user/group change Maxim Cournoyer
2023-04-28 22:11 ` Bruno Victal
2023-04-29 16:52 ` Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 10/17] system: accounts: Export <user-account> Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 11/17] services: mpd: Warn when the MPD user is not in the "audio" group Maxim Cournoyer
2023-04-29 6:29 ` Liliana Marie Prikler
2023-04-29 17:10 ` Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 12/17] services: mpd: Auto-detect mpd-output mixer type by default Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 13/17] services: mpd: Fix indentation Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 14/17] services: mpd: Obsolete 'environment-variables' field Maxim Cournoyer
2023-04-28 22:17 ` Bruno Victal
2023-04-29 17:04 ` Maxim Cournoyer
2023-04-29 17:23 ` Bruno Victal
2023-05-03 1:44 ` Maxim Cournoyer
2023-05-04 16:21 ` Bruno Victal
2023-05-05 14:44 ` Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 15/17] services: mpd: Provision a default cache directory and set HOME Maxim Cournoyer
2023-04-28 22:22 ` Bruno Victal
2023-04-29 17:07 ` Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 16/17] services: mpd: Update basic example Maxim Cournoyer
2023-04-28 14:27 ` bug#63082: [PATCH 17/17] services: Avoid 'delete' overrides warning in audio module Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 00/16] Improve out-of-the-box experience with mpd-service-type Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 01/16] services: mpd: Add an 'update' action to trigger a database update Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 02/16] services: mpd: Streamline mpd-user-sanitizer and mympd-user-sanitizer Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 03/16] services: mpd: Rename %set-user-group to set-user-group Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 04/16] services: mpd: Obsolete the 'group' field Maxim Cournoyer
2023-05-05 0:38 ` Bruno Victal
2023-05-05 15:09 ` bug#63082: mpd defaul configuration does not work ('No database' error) Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 05/16] services: mpd: List log-level in decreasing verbosity order in doc Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 06/16] services: mpd; Refactor start slot directory initialization Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 07/16] services: mpd: Log to syslog by default Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 08/16] services: mpd: Do not rotate logs when using syslog Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 09/16] services: mpd: Let Shepherd effect the user/group change Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 10/16] system: accounts: Export <user-account> Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 11/16] services: mpd: Warn when the MPD user is not in the "audio" group Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 12/16] services: mpd: Auto-detect mpd-output mixer type by default Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 13/16] services: mpd: Obsolete 'environment-variables' field Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 14/16] services: mpd: Provision a default cache directory and set HOME Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 15/16] services: mpd: Update basic example Maxim Cournoyer
2023-04-29 17:21 ` bug#63082: [PATCH v2 16/16] services: Avoid 'delete' overrides warning in audio module Maxim Cournoyer
2023-05-05 18:28 ` bug#63082: [PATCH v3 00/16] Improve out-of-the-box experience with mpd-service-type Maxim Cournoyer
2023-05-05 18:28 ` bug#63082: [PATCH v3 01/16] services: mpd: Add auto-update? field to mpd-configuration Maxim Cournoyer
2023-05-05 18:28 ` bug#63082: [PATCH v3 02/16] services: mpd: Add an 'update' action to trigger a database update Maxim Cournoyer
2023-05-24 16:00 ` Bruno Victal
2023-07-25 20:48 ` bug#63082: mpd defaul configuration does not work ('No database' error) Maxim Cournoyer
2023-07-26 14:02 ` Bruno Victal
2023-07-26 16:12 ` Maxim Cournoyer
2023-05-05 18:28 ` bug#63082: [PATCH v3 03/16] services: mpd: Streamline mpd-user-sanitizer and mympd-user-sanitizer Maxim Cournoyer
2023-05-05 18:28 ` bug#63082: [PATCH v3 04/16] services: mpd: Rename %set-user-group to set-user-group Maxim Cournoyer
2023-05-05 19:42 ` Liliana Marie Prikler
2023-05-07 2:37 ` Maxim Cournoyer
2023-05-24 16:09 ` Bruno Victal
2023-05-05 18:29 ` bug#63082: [PATCH v3 05/16] services: mpd: Obsolete the 'group' field Maxim Cournoyer
2023-05-05 19:51 ` Liliana Marie Prikler
2023-05-07 2:55 ` Maxim Cournoyer
2023-05-07 5:35 ` Liliana Marie Prikler
2023-05-07 18:12 ` Maxim Cournoyer
2023-05-07 18:31 ` Liliana Marie Prikler
2023-05-08 1:05 ` Maxim Cournoyer
2023-05-08 17:21 ` Liliana Marie Prikler
2023-05-05 18:29 ` bug#63082: [PATCH v3 06/16] services: mpd: List log-level in decreasing verbosity order in doc Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 07/16] services: mpd; Refactor start slot directory initialization Maxim Cournoyer
2023-05-24 16:26 ` Bruno Victal
2023-07-25 20:07 ` bug#63082: mpd defaul configuration does not work ('No database' error) Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 08/16] services: mpd: Log to syslog by default Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 09/16] services: mpd: Do not rotate logs when using syslog Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 10/16] services: mpd: Let Shepherd effect the user/group change Maxim Cournoyer
2023-05-24 16:41 ` Bruno Victal [this message]
2023-07-25 19:39 ` bug#63082: mpd defaul configuration does not work ('No database' error) Maxim Cournoyer
2023-07-26 15:54 ` bug#63082: [PATCH v3 10/16] services: mpd: Let Shepherd effect the user/group change Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 11/16] system: accounts: Export <user-account> Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 12/16] services: mpd: Warn when the MPD user is not in the "audio" group Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 13/16] services: mpd: Auto-detect mpd-output mixer type by default Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 14/16] services: mpd: Provision a default cache directory and set HOME Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 15/16] services: mpd: Update basic example Maxim Cournoyer
2023-05-05 18:29 ` bug#63082: [PATCH v3 16/16] services: Avoid 'delete' overrides warning in audio module Maxim Cournoyer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aa58f421-0e51-5a17-865e-031ec7b5724c@makinata.eu \
--to=mirai@makinata.eu \
--cc=63082@debbugs.gnu.org \
--cc=maxim.cournoyer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.