| Message ID | cover.1745005408.git.ludo@gnu.org |
|---|---|
| Headers |
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org> X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 414C127BC4B; Fri, 18 Apr 2025 20:48:25 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-6.4 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED, RCVD_IN_VALIDITY_CERTIFIED,RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE, SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 06B4027BC49 for <patchwork@mira.cbaines.net>; Fri, 18 Apr 2025 20:48:25 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <guix-patches-bounces@gnu.org>) id 1u5rh7-0005Ul-UN; Fri, 18 Apr 2025 15:48:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1u5rh1-0005Sk-2m for guix-patches@gnu.org; Fri, 18 Apr 2025 15:48:07 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1u5rh0-0000an-Nz for guix-patches@gnu.org; Fri, 18 Apr 2025 15:48:06 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:From:To:In-Reply-To:References:Subject; bh=Xx+Z3UQoiYXaCWyqVFW72rfYcio1d+gx0frloKfaptQ=; b=PVWc35D3aKN8X7YSwmXu6sk4T2dCyRCU3uR/seo/CA4lP7cYa+F7Dd0yvMlU1HN2QiR3DpD02QMaUmhmaLGE98n/DmQ30eDUCU8nQg9HYkQZraTt0h4yshAAFU5lAfly3hskVHPRn5GI3Vhax6nXulOkBtvSEjmhjV9NLJeYwyvY66IMvVa+yMFqholnzhV4fUcbivmUslw7qeszOvQUk8aVhjkSPBRUqsfZlfhRe6qvLluvDNi5j3hZx/EQQrExoG0ctkbx+QLHnXRHBn0K+LrXnpI4MiWljXW+5yydRUUJ/OLNqJhE7zD9fiktvYvd9Zl4ZwOoPreHiGXVY4OrjQ==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1u5rgy-0008Ll-1H; Fri, 18 Apr 2025 15:48:04 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#77288] [PATCH v3 0/8] Rootless guix-daemon on Guix System References: <cover.1743007256.git.ludo@gnu.org> In-Reply-To: <cover.1743007256.git.ludo@gnu.org> Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org> Resent-CC: pelzflorian@pelzflorian.de, julien@lepiller.eu, guix-patches@gnu.org Resent-Date: Fri, 18 Apr 2025 19:48:03 +0000 Resent-Message-ID: <handler.77288.B77288.174500564431690@debbugs.gnu.org> Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 77288 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 77288@debbugs.gnu.org Cc: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>, Florian Pelz <pelzflorian@pelzflorian.de>, Julien Lepiller <julien@lepiller.eu> X-Debbugs-Original-Xcc: Florian Pelz <pelzflorian@pelzflorian.de>, Julien Lepiller <julien@lepiller.eu> Received: via spool by 77288-submit@debbugs.gnu.org id=B77288.174500564431690 (code B ref 77288); Fri, 18 Apr 2025 19:48:03 +0000 Received: (at 77288) by debbugs.gnu.org; 18 Apr 2025 19:47:24 +0000 Received: from localhost ([127.0.0.1]:52946 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>) id 1u5rgG-0008ES-Pz for submit@debbugs.gnu.org; Fri, 18 Apr 2025 15:47:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:34312) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ludo@gnu.org>) id 1u5rg7-0008BR-7t for 77288@debbugs.gnu.org; Fri, 18 Apr 2025 15:47:13 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@gnu.org>) id 1u5rg1-0000UY-Ll; Fri, 18 Apr 2025 15:47:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:Subject:To:From:in-reply-to: references; bh=Xx+Z3UQoiYXaCWyqVFW72rfYcio1d+gx0frloKfaptQ=; b=I1Zd7ddpgTFdSq vR74BoFRImXcYFxz0rAlUwLz47YF+vzLzqjG5MGRZUUxdjqgGaD1kfKBB7jhBI0pXo+xYUAYuKcPM kvbrFGLGUhmDSd8sfjvbUPhoDifvrOI4dFjY3QMEvx7RyV0TRdBF57vloMurgJvnJd/mJrflpeFyr t+6tXLLVLcTa7SR3vYLaD+kf/U5TCPHFzHWbO7zbgCzUz/Mag+UlykP1ceM4n0tMrlZPGDL95Fa0K r2ztIWtlscM5MlsTJFH3hNm5q8Dsbp+J8g9yXj6X0rWZ4uv/GZ21huZ7KGsTsqTsh+K3aLLqBBqOK y7Bi8QM113EBnjmkm9aQ==; From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org> Date: Fri, 18 Apr 2025 21:46:45 +0200 Message-ID: <cover.1745005408.git.ludo@gnu.org> X-Mailer: git-send-email 2.49.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: <guix-patches.gnu.org> List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=unsubscribe> List-Archive: <https://lists.gnu.org/archive/html/guix-patches> List-Post: <mailto:guix-patches@gnu.org> List-Help: <mailto:guix-patches-request@gnu.org?subject=help> List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=subscribe> Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches |
| Series |
Rootless guix-daemon on Guix System
|
|
Message
Ludovic Courtès
April 18, 2025, 7:46 p.m. UTC
Changes since v2:
• ‘guix-service-type’ produces the “guixbuild” group and the
build user accounts whether or not ‘privileged?’ is true so
that ‘guix system reconfigure’ can run to completion during
the privileged-to-unprivileged migration.
• News entry includes German translation (by Florian) and
French translation.
Ludo’.
Ludovic Courtès (8):
self: Install systemd ‘.service’ files.
doc: Document migration to the unprivileged daemon.
syscalls: Add ‘unshare’.
services: account: Create /var/guix/profiles/per-user/$USER.
tests: guix-daemon: Send system log output to /dev/console.
tests: guix-daemon: Wait for the ‘guix-daemon’ service to be up.
services: guix: Allow ‘guix-daemon’ to run without root privileges.
DRAFT news: Add entry about unprivileged guix-daemon on Guix System.
doc/guix.texi | 106 +++++++++++++++++++++-
etc/news.scm | 88 ++++++++++++++++++
gnu/services/base.scm | 192 ++++++++++++++++++++++++++++++++++++----
gnu/system/shadow.scm | 19 +++-
gnu/tests/base.scm | 60 +++++++++++--
guix/build/syscalls.scm | 18 ++++
guix/self.scm | 42 ++++++---
tests/syscalls.scm | 9 ++
8 files changed, 501 insertions(+), 33 deletions(-)
base-commit: d14663b94a7428eccbfa27aa620dc3d8ba67d752