From debbugs-submit-bounces@debbugs.gnu.org Sun Apr 10 18:00:31 2022 Received: (at submit) by debbugs.gnu.org; 10 Apr 2022 22:00:31 +0000 Received: from localhost ([127.0.0.1]:41770 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ndfbi-0004Ef-RE for submit@debbugs.gnu.org; Sun, 10 Apr 2022 18:00:31 -0400 Received: from lists.gnu.org ([209.51.188.17]:56784) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ndfbh-0004EX-4X for submit@debbugs.gnu.org; Sun, 10 Apr 2022 18:00:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:54392) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ndfbd-000491-Ry for guix-patches@gnu.org; Sun, 10 Apr 2022 18:00:28 -0400 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:48593) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ndfbZ-0006b5-Gy for guix-patches@gnu.org; Sun, 10 Apr 2022 18:00:24 -0400 Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 3B3015C018C; Sun, 10 Apr 2022 18:00:19 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Sun, 10 Apr 2022 18:00:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lnikki.la; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:sender:subject :subject:to:to; s=fm2; bh=fU/5IiNdzqWCmc5fYvDCi70iPo3einL18NRgAA 1HOEE=; b=w1MjVU9L1gOR2biZP9GM/hVgI93ZuDT1OjQUqMBGQFgHX+e1g1RoOC Bz8VHH4Gp3bLhRsEnZNSAXyXRBKF9yvlEHFGjCkDRnDAMtbLC3BrQmJmK5sY4ygZ NwgJfp9UQWMTYR1b3bHlRAwItAdw7+K3nqAJ3E5a/TsSZytIdbyTgXfBdEkQWcnG AhoNu/4O8KQ6vOLQDpAVYrNNizy/qzOY3JxiEY58gcNDOHN/HDyojy1z2ZKx0edG 04lkaW3GCcz1CO3QELibaQyH9sBbxkmSDdUb1lF7fDq4zC17ShFXXmGAoVkVyesr 2Dt28l/riEmmGXXwKmxk9X0GJ+SiR3cA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=fU/5Ii NdzqWCmc5fYvDCi70iPo3einL18NRgAA1HOEE=; b=op6mkfxepbjNTqHo4gAbhG b15TvR+SEfmZk6KAwacGixrYXkB4Bbc2sgutJzeVa639V+B+YADKSwgkVDsI1UzC YgpDeJ4ca8M9mM2dnQnOsIWFhs0qkfRWFMiTRgnZnPeI3xDsOS0Hq/1flUaXyI7N JszGuO7NY44NECSYwF+UGIk0yHAzsCxf08R7okM+b/DFdA8wePHuDI2ISM6bWdWt RyH1taUDozgOyhiRJhZib8uK6QVfNx7JG+OwFUUX+NasHVLqEVAncZLgdKpPibdN TAKVS72Oih7O7gGYVq3ouPOOyVPxFXvcjJpBSUtJFIZE+taNZ6Hy7V+M9Vc4VoDw == X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrudekgedgudeihecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffogggtgfesthekre dtredtjeenucfhrhhomhepnfgvohcupfhikhhkihhlmocuoehhvghllhhosehlnhhikhhk ihdrlhgrqeenucggtffrrghtthgvrhhnpefhgfdtudegveejueeileefhedvudfgudfgfe eifefhvddtheejffdtvdfgfeektdenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgr mhepmhgrihhlfhhrohhmpehhvghllhhosehlnhhikhhkihdrlhgr X-ME-Proxy: Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sun, 10 Apr 2022 18:00:18 -0400 (EDT) From: =?utf-8?Q?Leo=20Nikkil=C3=A4?= To: guix-patches@gnu.org Subject: [PATCH] shepherd: Add #:supplementary-groups. Date: Mon, 11 Apr 2022 01:00:08 +0300 Message-Id: <20220410220008.28577-1-hello@lnikki.la> X-Mailer: git-send-email 2.34.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=66.111.4.27; envelope-from=hello@lnikki.la; helo=out3-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit Cc: =?UTF-8?q?Leo=20Nikkil=C3=A4?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) To support the argument introduced in Shepherd 0.9.0 when defining container-bound services. * gnu/build/shepherd.scm (exec-command*) (make-forkexec-constructor/container): Add '#:supplementary-groups'. --- gnu/build/shepherd.scm | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/gnu/build/shepherd.scm b/gnu/build/shepherd.scm index 0627bac5b9..384faa55f4 100644 --- a/gnu/build/shepherd.scm +++ b/gnu/build/shepherd.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2017, 2018, 2019, 2020, 2022 Ludovic Courtès ;;; Copyright © 2020 Mathieu Othacehe +;;; Copyright © 2022 Leo Nikkilä ;;; ;;; This file is part of GNU Guix. ;;; @@ -119,8 +120,9 @@ (define* (read-pid-file/container pid pid-file #:key (max-delay 5)) ;; PID is always 1, but that's not what Shepherd needs to know. pid))) -(define* (exec-command* command #:key user group log-file pid-file - directory (environment-variables (environ))) +(define* (exec-command* command #:key user group (supplementary-groups '()) + log-file pid-file directory (environment-variables + (environ))) "Like 'exec-command', but first restore signal handles modified by shepherd (PID 1)." ;; First restore the default handlers. @@ -135,6 +137,7 @@ (define* (exec-command* command #:key user group log-file pid-file (exec-command command #:user user #:group group + #:supplementary-groups supplementary-groups #:log-file log-file #:directory directory #:environment-variables environment-variables)) @@ -146,6 +149,7 @@ (define* (make-forkexec-constructor/container command (mappings '()) (user #f) (group #f) + (supplementary-groups '()) (log-file #f) pid-file (pid-file-timeout 5) @@ -192,6 +196,8 @@ (define mounts (exec-command* command #:user user #:group group + #:supplementary-groups + supplementary-groups #:pid-file pid-file #:log-file log-file #:directory directory -- 2.34.0