[PATCH Shepherd] shepherd: service: Add #:supplementary-groups.

  • Done
  • quality assurance status badge
Details
2 participants
  • Oleg Pykhalov
  • Ludovic Courtès
Owner
unassigned
Submitted by
Oleg Pykhalov
Severity
normal
O
O
Oleg Pykhalov wrote on 28 May 2020 07:19
(name . guix-patches)(address . guix-patches@gnu.org)
87a71sbpr4.fsf@gmail.com
Hello Guix,

This patch provides a way to specify supplementary groups for services.
It's useful for services which could be used with a Docker group,
e.g. Jenkins.

‘shepherd’ package in Guix succeeded to build with current patch. And I
succeeded to pull and reconfigure my Guix system with it. Also ‘make
check’ in Shepherd's Git repository passes tests.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAl7PSd8ACgkQFn+OpQAa
+pwzyRAAnJ0ze5KPWRpyuhVORlqC7supHpNRwulvAdgU9pJwBCmljITiwvyyqsgw
e0kXK6K6El5/YvDLKg2NTiEDGXP8blZPQnPEHBdJ9H42jvs1RckKMF/DgjhZEkrv
A009d4QpMgO34s2RL5uLhygpapLhairTwbd7C7xhzb96rqgZiUuk5AP7Y1T2OHMI
uJ9HNbQS0MuzCvMWJ8fUke6veX3yxfHSPPSeNyNF6yeGTQMCHf0YGxWJlEkArPtQ
yLru7hQqKLFNdloDMy0UpzXYGYn0CASl3mVZhNyzUqKl7m+LbcpsLlAVg8QuDjND
y/5BFjiFhJjOrMB6cC8sD2W1uiaLN9FTU137g0Evo8TnzZu6TgHGByWFa5xS1O7I
muO9epqJpABvgHqHs7TQ9dluGAtsaYwpySrN87NIYZ/52RcOPir2bHWEz1h8Nij9
G48+drDchVbcCaq+38iqHU3CGyM7QWeSMcvjQRJEm+XUCpZTXP3hKmmPIq5iOjJ7
GlyqT4lC+XAjJOwsd8h4ftQSiT327ESyPY8wQtsB1+xpYpxbsyZiH+VsDcJG6q3z
SU8OiPWuyMn4EUDGNRhvj+lKXmZ8t1Ulc7JCVlSr2FkyzseH8avpaGADxCpY8Wqh
8SY6UqAqYlzVeyRP4FYVeMFk+1G2rZaBJVqFD1ceYGZJOEUbTo0=
=daKp
-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 14 Jun 2020 22:53
(name . Oleg Pykhalov)(address . go.wigust@gmail.com)(address . 41573@debbugs.gnu.org)
87mu55s72d.fsf@gnu.org
Hello,

Oleg Pykhalov <go.wigust@gmail.com> skribis:

Toggle quote (10 lines)
> From 5718eb5f4130530b48df896d7f7e4a126e08428a Mon Sep 17 00:00:00 2001
> From: Oleg Pykhalov <go.wigust@gmail.com>
> Date: Sun, 24 May 2020 20:30:27 +0300
> Subject: [PATCH] service: Add #:supplementary-groups.
>
> * modules/shepherd/service.scm (format-supplementary-groups): New procedure.
> (exec-command, fork+exec-command, make-forkexec-constructor): Add
> '#:supplementary-groups'.
> * doc/shepherd.texi (Service De- and Constructors): Document this.

[...]

Toggle quote (6 lines)
> +(define (format-supplementary-groups supplementary-groups)
> + (if (vector? supplementary-groups)
> + supplementary-groups
> + (list->vector (map (lambda (group) (group:gid (getgr group)))
> + supplementary-groups))))

Perhaps we should remove the ‘vector?’ case, no? I find it clearer when
the interface accepts just one single data type.

Apart from that, it LGTM!

Note that for compatibility reasons we’ll have to wait before using it
in Guix System.

Thanks,
Ludo’.
O
O
Oleg Pykhalov wrote on 19 Jun 2020 03:28
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 41573@debbugs.gnu.org)
871rmb4zdy.fsf@gmail.com
Hello,

Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (23 lines)
> Oleg Pykhalov <go.wigust@gmail.com> skribis:
>
>> From 5718eb5f4130530b48df896d7f7e4a126e08428a Mon Sep 17 00:00:00 2001
>> From: Oleg Pykhalov <go.wigust@gmail.com>
>> Date: Sun, 24 May 2020 20:30:27 +0300
>> Subject: [PATCH] service: Add #:supplementary-groups.
>>
>> * modules/shepherd/service.scm (format-supplementary-groups): New procedure.
>> (exec-command, fork+exec-command, make-forkexec-constructor): Add
>> '#:supplementary-groups'.
>> * doc/shepherd.texi (Service De- and Constructors): Document this.
>
> [...]
>
>> +(define (format-supplementary-groups supplementary-groups)
>> + (if (vector? supplementary-groups)
>> + supplementary-groups
>> + (list->vector (map (lambda (group) (group:gid (getgr group)))
>> + supplementary-groups))))
>
> Perhaps we should remove the ‘vector?’ case, no? I find it clearer when
> the interface accepts just one single data type.

OK.

Toggle quote (5 lines)
> Apart from that, it LGTM!
>
> Note that for compatibility reasons we’ll have to wait before using it
> in Guix System.

No problem.

I updated the patch and tested it again with make check and
reconfiguring my system.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAl7sFNkACgkQFn+OpQAa
+pyehRAAt4NZd8bLMQq1GSTyJNaJqeOT7gwOiEtUIDgQqw+Nk1+M15ocKNveZlxC
gPE73iTM5U5hXdzWXILi0UkSQYY0C7cbvg1vOgDcv1vn4QEmCFrUAmZR8QO7GPUX
aeXfkUm3JBGDXWybFyArkC2dMF0kfe0k8UjgGjmtlap1dC/sLRVVgJZqZV+Z0/Vz
v2eJ/6zmYdqOgYqHbIwgCXeYm2hT1n6RFF2KpszjAcwdHWbjezuwzDTOdUeXCecB
8p44o56pZ4BpJkahrz8JtLwiRGTE/1Sq4A38j6uJzT14DTKWgTfp2oHxv9EVkAbU
y/HRlPJ1KHYGhKEXGAEaPZ0YhryzUoBgX4/4QsKidVAMdH3wNv0jAZSwwnhrYR3H
kn6pPKcuZ8Uc68IE5Ta7MCJ1oeT66Dg9ZsyFX3NAOvB3pvL13CGD2bGZPDOs95D1
94ORqtzWehikRSRq/JYYwfDlzvL2RMnzSHQAIbZQHvUJX4FNUOoSBcujTYNIbOTI
hVqBe2PdY/ipfMG4NzlIdlaz0QMqehj/muPfpFlp0Q9B7EJ7WVJ/5oYsE95k+UI0
ge/EHUNwfpr8G3odHwRJqbkHliew6NCBZeEVqIiq/8DcIkYbxcV2Tb8t0UCeE6yC
0hQciC59OGpicOgQKOCLzTpnKQYTABzIl/AsyWuLBDwn8ypySks=
=C1QS
-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 19 Jun 2020 09:56
(name . Oleg Pykhalov)(address . go.wigust@gmail.com)(address . 41573-done@debbugs.gnu.org)
871rmbij4p.fsf@gnu.org
Hi,

Oleg Pykhalov <go.wigust@gmail.com> skribis:

Toggle quote (10 lines)
> From 20a08c750c4d6126d36835c64fed211299cb03e3 Mon Sep 17 00:00:00 2001
> From: Oleg Pykhalov <go.wigust@gmail.com>
> Date: Sun, 24 May 2020 20:30:27 +0300
> Subject: [PATCH] service: Add #:supplementary-groups.
>
> * modules/shepherd/service.scm (format-supplementary-groups): New procedure.
> (exec-command, fork+exec-command, make-forkexec-constructor): Add
> '#:supplementary-groups'.
> * doc/shepherd.texi (Service De- and Constructors): Document this.

Applied with the change below, thanks!

Ludo’.
Toggle diff (13 lines)
diff --git a/doc/shepherd.texi b/doc/shepherd.texi
index 18f1a4d..696477e 100644
--- a/doc/shepherd.texi
+++ b/doc/shepherd.texi
@@ -967,7 +967,7 @@ immediately before invoking @var{command}. @var{user} may be a string,
indicating a user name, or a number, indicating a user ID. Likewise,
@var{command} will be run under the current group, unless the
@var{group} keyword argument is present and not false, and
-supplementary-groups is not '().
+@var{supplementary-groups} is not @code{'()}.
@code{fork+exec-command} does the same as @code{exec-command}, but in
a separate process whose PID it returns.
Closed
?