Polkit actions are not updated after guix system reconfigure

OpenSubmitted by Ryan Moe.
Details
3 participants
  • Danny Milosavljevic
  • Ludovic Courtès
  • Ryan Moe
Owner
unassigned
Severity
normal
R
R
Ryan Moe wrote on 31 Jul 2017 23:08
(address . bug-guix@gnu.org)
CAN-ReHqDxmNcsPAffCo4PYKpf0qjvdvGne0eAeB7Pf8spHsc_A@mail.gmail.com
When a service is added to or removed from the system configuration,polkit actions are not appropriately registered or unregistered.
The policy files are added and deleted correctly but the polkitdprocess needs a SIGHUP afterwards to update the list of registeredactions.

Steps to reproduce:
1. Add (xfce-desktop-service) to (services) in config.scm. [Or anyservice which adds polkit actions]
2. Run guix system reconfigure.
3. Observe that the policy files are in place but not registered: $ ls /etc/polkit-1/actions/*xfce* /etc/polkit-1/actions/org.xfce.thunar.policy
$ pkaction | grep -i xfce $
4. Run killall -HUP polkitd
5. Observe that actions are registered. $ pkaction | grep -i xfce org.xfce.thunar
D
D
Danny Milosavljevic wrote on 31 Jul 2017 23:34
(address . 27889@debbugs.gnu.org)(name . Ryan Moe)(address . ryan.moe@gmail.com)
20170731233404.691437c0@scratchpost.org
Oops!
That's indeed still broken.
But gnu/services/shepherd.scm shepherd-service-file could be extended to provide a "restart" action (shepherd itself already supports it).
The general format for shepherd is:
(register-services (make <service> #:provides '(apache-2.0 apache httpd) #:requires '() #:start (...) #:stop (...) #:actions (make-actions (restart (...))))) ^^^^^^^^^^^^^
But the Guix <shepherd-service> record, which is the source that is eventually compiled to the above, neither has an "actions" slot nor a "restart" slot. It would have to be extended with one.
I wonder whether it would make sense to make shepherd automatically default to a SIGHUP restart action for daemonized processes instead, though. It's not exactly rare for daemons to provide that.
Also, does "guix system reconfigure" already call this restart action if it's present?
R
R
Ryan Moe wrote on 1 Aug 2017 01:10
(name . Danny Milosavljevic)(address . dannym@scratchpost.org)(address . 27889@debbugs.gnu.org)
CAN-ReHoqipxjd-NOM7YvAjTU_2-KeAey3bxzfbJ1QmEQdbf0HA@mail.gmail.com
On Mon, Jul 31, 2017 at 2:34 PM, Danny Milosavljevic<dannym@scratchpost.org> wrote:
Toggle quote (24 lines)> Oops!>> That's indeed still broken.>> But gnu/services/shepherd.scm shepherd-service-file could be extended to provide a "restart" action (shepherd itself already supports it).>> The general format for shepherd is:>> (register-services> (make <service>> #:provides '(apache-2.0 apache httpd)> #:requires '()> #:start (...)> #:stop (...)> #:actions (make-actions> (restart (...)))))> ^^^^^^^^^^^^^>> But the Guix <shepherd-service> record, which is the source that is eventually compiled to the above, neither has an "actions" slot nor a "restart" slot. It would have to be extended with one.>> I wonder whether it would make sense to make shepherd automatically default to a SIGHUP restart action for daemonized processes instead, though. It's not exactly rare for daemons to provide that.>> Also, does "guix system reconfigure" already call this restart action if it's present?
polkitd isn't managed by shepherd. It looks to be managed by dbus andI'm not sure how to restart an individual dbus service (or if you evencan). Restarting dbus-system is obviously too intrusive (it doesreload the policy files at the expense of restarting my X session :)).
D
D
Danny Milosavljevic wrote on 1 Aug 2017 09:17
(name . Ryan Moe)(address . ryan.moe@gmail.com)(address . 27889@debbugs.gnu.org)
20170801091753.0f9dd3cf@scratchpost.org
Toggle quote (5 lines)> polkitd isn't managed by shepherd. It looks to be managed by dbus and> I'm not sure how to restart an individual dbus service (or if you even> can). Restarting dbus-system is obviously too intrusive (it does> reload the policy files at the expense of restarting my X session :)).
Yeah, we specifically don't restart dbus because of that.
But I guess we could still send SIGHUP to polkitd.
I'm not sure how to find out which polkitd it is - if we don't want to restart a superset.
Also, pstree says that polkitd forked and started another polkitd. There are two polkitd. Which one has to get the SIGHUP?
L
L
Ludovic Courtès wrote on 1 Aug 2017 12:03
(name . Danny Milosavljevic)(address . dannym@scratchpost.org)
87vam7r4eh.fsf@gnu.org
Hello,
Danny Milosavljevic <dannym@scratchpost.org> skribis:
Toggle quote (20 lines)> But gnu/services/shepherd.scm shepherd-service-file could be extended to provide a "restart" action (shepherd itself already supports it).>> The general format for shepherd is:>> (register-services> (make <service>> #:provides '(apache-2.0 apache httpd)> #:requires '()> #:start (...)> #:stop (...)> #:actions (make-actions> (restart (...)))))> ^^^^^^^^^^^^^>> But the Guix <shepherd-service> record, which is the source that is eventually compiled to the above, neither has an "actions" slot nor a "restart" slot. It would have to be extended with one.>> I wonder whether it would make sense to make shepherd automatically default to a SIGHUP restart action for daemonized processes instead, though. It's not exactly rare for daemons to provide that.>> Also, does "guix system reconfigure" already call this restart action if it's present?
Not yet, but it should. I think the patches athttps://bugs.gnu.org/26830 would be sufficient if the action boilsdown to sending SIGHUP. Perhaps time to revive that patch set!
Ludo’.
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send email to 27889@debbugs.gnu.org