From patchwork Tue Nov 14 14:05:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= X-Patchwork-Id: 1977 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 0576A27BBEA; Tue, 14 Nov 2023 14:06:34 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id B252027BBE2 for ; Tue, 14 Nov 2023 14:06:29 +0000 (GMT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1r2u3d-0006CH-BE; Tue, 14 Nov 2023 09:06:25 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r2u3Y-0006Bk-T6 for guix-patches@gnu.org; Tue, 14 Nov 2023 09:06:20 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1r2u3Y-0001IX-Jg for guix-patches@gnu.org; Tue, 14 Nov 2023 09:06:20 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1r2u4E-0005Uh-FT for guix-patches@gnu.org; Tue, 14 Nov 2023 09:07:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#67175] [PATCH 0/9] Removing 'make-forkexec-constructor/container' Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 14 Nov 2023 14:07:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 67175 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 67175@debbugs.gnu.org Cc: Ludovic =?utf-8?q?Court=C3=A8s?= X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.169997081321101 (code B ref -1); Tue, 14 Nov 2023 14:07:02 +0000 Received: (at submit) by debbugs.gnu.org; 14 Nov 2023 14:06:53 +0000 Received: from localhost ([127.0.0.1]:60556 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r2u44-0005UH-Tx for submit@debbugs.gnu.org; Tue, 14 Nov 2023 09:06:53 -0500 Received: from lists.gnu.org ([2001:470:142::17]:42988) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r2u42-0005U3-Vo for submit@debbugs.gnu.org; Tue, 14 Nov 2023 09:06:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r2u3G-0005l8-OL for guix-patches@gnu.org; Tue, 14 Nov 2023 09:06:02 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r2u3G-0001HV-FF; Tue, 14 Nov 2023 09:06:02 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:Subject:To:From:in-reply-to: references; bh=Ucl4d/ij3in1Q/Zt6qJQ1vqsPMG693Xr3XbyAAYCLZw=; b=HfVnGCHvWXMQrD 6pqgMOpeYMvbauoo8Wcc3Jh+EJnImfzeZzsbzNoy74hIkEEXXBxHsdhWoDWQ2jBabYP5jjxOpKodG jetk4ukmuvYqR2a5wDiVDG9FcScotSpHQdxbMH8l9HgehDMljpl8Mc6EZ+tIHj8+7e14p6pgLuogI SPD8OTH7YsV2HSg2yashi78TIxsMOWrUIWogoOcShTJpjtYc2F4Lgf7JyzQjalPAyr4i5+5F9BmPr QeNJnY4Qvv4rVCX6iWRIefydu8fKQK6FEUSG/XAfs3jX/pXax1U6n09+zcgX70W6IOJN47/v3C3cg P4+nux0rrBSNHkDlVHJQ==; From: Ludovic =?utf-8?q?Court=C3=A8s?= Date: Tue, 14 Nov 2023 15:05:51 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches Hello Guix! This completes the removal of ‘make-forkexec-constructor/container’ as I intended to do with the introduction of ‘least-authority-wrapper’: https://issues.guix.gnu.org/54997 The Jami use case exposed a few shortcomings, including those addressed by , but thankfully there are tests, which made it easier to validate the changes! Feedback welcome! Ludo’. Ludovic Courtès (9): services: pagekite: Use ‘least-authority-wrapper’. services: pagekite: Add ‘configuration’ action. services: bitlbee: Remove use of ‘make-forkexec-constructor/container’. least-authority: Add support for changing UIDs/GIDs before exec. tests: jami: Check status of Jami D-Bus session. services: jami-dbus-session: Use ‘least-authority-wrapper’. services: jami: Use ‘least-authority-wrapper’. services: Remove unnecessary references to (gnu build shepherd). shepherd: Remove ‘make-forkexec-constructor/container’. gnu/build/shepherd.scm | 90 ---------------------- gnu/services/databases.scm | 41 +++++----- gnu/services/messaging.scm | 77 ++++++++----------- gnu/services/networking.scm | 36 +++++---- gnu/services/security-token.scm | 29 ++++--- gnu/services/telephony.scm | 132 +++++++++++++++++++------------- gnu/services/web.scm | 50 ++++++------ gnu/tests/telephony.scm | 9 +++ guix/least-authority.scm | 25 +++++- 9 files changed, 223 insertions(+), 266 deletions(-) base-commit: 08d94fe20eca47b69678b3eced8749dd02c700a4 prerequisite-patch-id: ea1da8834460072ad48cd7b4a3ec23e7205f2529 prerequisite-patch-id: eb3069189c1b61930a429f933fda673d8fe47691