[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#52454] [PATCH 0/4] Ensure correct ownership of directory trees in s
From: |
Ludovic Courtès |
Subject: |
[bug#52454] [PATCH 0/4] Ensure correct ownership of directory trees in services.Hello Guix, |
Date: |
Sat, 18 Dec 2021 22:34:45 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Hi!
Great patch series!
This has been discussed a few times: I wonder if we should simply chown
service home directories systematically?
Brice Waegeneire <brice@waegenei.re> skribis:
> * guix/build/syscalls.scm (lchown): New procedure.
Would be nice to add even trivial tests to tests/syscalls.scm.
Unfortunately, this doesn’t work for service activation because when
booting, activation snippets are run from the initrd’s Guile, which is
statically linked and lacks dlopen.
This leads to failures like:
--8<---------------cut here---------------start------------->8---
$ make check-system TESTS="postgresql" -j4
[...]
populating /etc from /gnu/store/bchxln4wkfmdbsxww9jaxafsyvlpdbmg-etc...
Please wait while gathering entropy to generate the key pair;
this may take time...
warning: failed to chown "/var/lib/postgresql/data": Function not implemented
warning: failed to chown "/var/run/postgresql": Function not implemented
warning: failed to chown "/var/log/postgresql": Function not implemented
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
[...]
fixing permissions on existing directory /var/lib/postgresql/data ... initdb:
could not change permissions of directory "/var/lib/postgresql/data": Operation
not permitted
--8<---------------cut here---------------end--------------->8---
(The ENOSYS error above comes from the ‘lchown’ wrapper.)
For this strategy to work, you need to add ‘lchown’ in
‘guile-3.0-linux-syscalls.patch’ and to use ‘define-as-needed’ in (guix
build syscalls).
(I’m surprised we didn’t already have recursive chown.)
With this in place, we should be all set!
Thanks,
Ludo’.
- [bug#52454] [PATCH 0/4] Ensure correct ownership of directory trees in services.Hello Guix,, Brice Waegeneire, 2021/12/12
- [bug#52454] [PATCH 1/4] syscalls: Add 'lchown'., Brice Waegeneire, 2021/12/12
- [bug#52454] [PATCH 0/4] Ensure correct ownership of directory trees in services.Hello Guix,,
Ludovic Courtès <=
- [bug#52454] [PATCH v2 0/4] Ensure correct ownership of directory trees in services, Brice Waegeneire, 2021/12/21
- [bug#52712] [PATCH v2 4/4] services: cuirass: Ensure correct ownership of directory trees., Brice Waegeneire, 2021/12/21
- [bug#52713] [PATCH v2 2/4] activation: Add 'lchown-recursive'., Brice Waegeneire, 2021/12/21
- [bug#52714] [PATCH v2 3/4] services: postgresql: Ensure correct ownership of directory trees., Brice Waegeneire, 2021/12/21
- [bug#52715] [PATCH v2 1/4] syscalls: Add 'lchown'., Brice Waegeneire, 2021/12/21
- [bug#52454] [PATCH 2/4] activation: Add 'lchown-recursive'., Brice Waegeneire, 2021/12/12
- [bug#52454] [PATCH 4/4] services: cuirass: Ensure correct ownership of directory trees., Brice Waegeneire, 2021/12/12
- [bug#52454] [PATCH 3/4] services: postgresql: Ensure correct ownership of directory trees., Brice Waegeneire, 2021/12/12