From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 06 20:13:43 2023 Received: (at 61570) by debbugs.gnu.org; 7 Mar 2023 01:13:43 +0000 Received: from localhost ([127.0.0.1]:44041 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pZLtf-0006fE-53 for submit@debbugs.gnu.org; Mon, 06 Mar 2023 20:13:43 -0500 Received: from mail-qv1-f42.google.com ([209.85.219.42]:36848) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pZLtd-0006f1-KI for 61570@debbugs.gnu.org; Mon, 06 Mar 2023 20:13:42 -0500 Received: by mail-qv1-f42.google.com with SMTP id m4so8005092qvq.3 for <61570@debbugs.gnu.org>; Mon, 06 Mar 2023 17:13:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1678151616; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=ssHUTgrq+deZfcBh4nXQ9hVnctXlHloWrPVZC9ROYSQ=; b=X64l/jf7OzGnjWwKQAGJzjOuF95j2i4NMAwleFfdosvdZdn77vLVpCCwwhvUf2hofZ 3DvHX2FRHa1uf7xv9tyzbroX3V+7PhCy2WE8I8pgCaczRjm63WkiVA8jNG0tvhiDttB+ 5ilF4qqMwL5DJtbB3p46mVGFK1VbBy11xoQv3aiyO8J0nAUh9k7tHX4riZmMfOkicnV3 NVTb9tTpS+NPmGtqXH4vEx2cv/hEwR3NKy6cg0lSe7rXoPcBItLzJbktOpPOBryvvVFb O1YyfyRnT7o9KkisFDdndR26yX8UVOj3X6SH+Y/G+WI7JyvoxGgFHHNjkXCRyEcjHUve ZOjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678151616; h=mime-version:user-agent:message-id:in-reply-to:date:references :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=ssHUTgrq+deZfcBh4nXQ9hVnctXlHloWrPVZC9ROYSQ=; b=ZHoHLt3r6tdNVzZhicRjAWABQpbsOufQgXfZgfs6IJIofhHfby7tyU7E041rhEzGv2 hgcz0GVX7IH+bXfofa+X9DzE2rSloErWjq+zF2mVUcBVPnoa/FFu2K6VZZJKQAwPN+A0 OvebidjFv6KEftcD3yfFAkjSYX7sAlU/p4ZyLzkZzxqcHx21RLu6zOlBNXDRcWKgn86Q LINAAE2uRYtu93D2nXkM/P/s3TEQb/wc4pTfrNjrEB9orZB9YzOkCCRqTAjbWWfdzBBw HSnxCe2Y/yAyUSz37p2FlkaM8wLd5IudKGOG7ctYPaSoKe69L+hrl7fFD2LnYfsIUppc JCrQ== X-Gm-Message-State: AO0yUKXLkJmGiv0YDl9qtOREcvyjVnIVcea3RSJJ2mzzkj6yX73rDZSi 6uKfMC7BukFxYHOd3aU5RCgU85OdwSSF1w== X-Google-Smtp-Source: AK7set92MW/6oQmqSIpJfxRj+OFMTy85gF7YEHxQvPm+5xsUfQgEWDcCuT6tgFSOimkf8xUtJhJmlg== X-Received: by 2002:a05:6214:da4:b0:535:5492:b427 with SMTP id h4-20020a0562140da400b005355492b427mr23750394qvh.28.1678151615920; Mon, 06 Mar 2023 17:13:35 -0800 (PST) Received: from hurd ([2607:fad8:4:3::1000]) by smtp.gmail.com with ESMTPSA id b24-20020a05620a0f9800b007419f1561fesm8341985qkn.112.2023.03.06.17.13.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Mar 2023 17:13:35 -0800 (PST) From: Maxim Cournoyer To: Liliana Marie Prikler Subject: Re: Backward incompatible changes in mpd-service-type References: <87y1owsbab.fsf@gmail.com> <8c7394ba-b8fa-eac5-7d3e-3d8160b71894@makinata.eu> <959a4528abf2fec979e3816ff8d175f65d13d1ab.camel@gmail.com> Date: Mon, 06 Mar 2023 20:13:34 -0500 In-Reply-To: <959a4528abf2fec979e3816ff8d175f65d13d1ab.camel@gmail.com> (Liliana Marie Prikler's message of "Fri, 17 Feb 2023 19:06:50 +0100") Message-ID: <87bkl5z7lt.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 61570 Cc: Bruno Victal , 61570@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Liliana, Liliana Marie Prikler writes: [...] >> This is an unfortunate situation arising from a bug before the >> service was refactored. >> Before d7fd9ec209f72e9cfff04a48bf16e092f258d8ff (actually >> 5c5f0fc1135ff15f9c4adfc5f27eadd9a592b5d1) >> mpd-service-type contained a service-extension for %mpd-accounts >> where the values for both group and user were hardcoded to "mpd" >> but this was actually never used since shepherd would launch the >> service using root and mpd would downgrade its permissions and switch >> to the user specified in the mpd-configuration record since this >> field is serialized to the configuration file. > It would be quite weird if someone had already pointed out how to > properly handle the accounts and groups only for that to be ignored > later in the review. > > Am Samstag, dem 24.12.2022 um 18:20 +0100 schrieb eine leichtsinnige > Person, die ihre eigenen Anmerkungen vergisst: >> I think you should make it so that you can pass a user-account and >> user-group to the mpd service so that they can be reused (with a >> sanitizer that creates a user/group from string). > Never mind then. I think Bruno has been reworking that, I think they must be about ready. > Am Freitag, dem 17.02.2023 um 07:53 -0500 schrieb Maxim Cournoyer: >> Else an error rather than a warning when multiple same-name users are >> defined would be more appropriate, I think. > Guess what, it used to be a formatted message (i.e. an actual error). > However, that broke some configs as reported in [1], so I demoted it to > a warning. Interesting. I didn't know we were usefully (?) abusing duplicate users and group. Perhaps we should try to isolate the most common offenders (services?), fix them up, and then re-introduce the check, perhaps gradually (e.g. "in 6 months time, duplicated users or groups will become a configuration error"). -- Thanks, Maxim