From patchwork Sat Mar 22 18:23:34 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 40649
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id BEC8927BBEA; Sat, 22 Mar 2025 18:25:11 +0000 (GMT)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED,
	RCVD_IN_VALIDITY_CERTIFIED,RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,
	SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no
	version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id F360B27BBE2
	for <patchwork@mira.cbaines.net>; Sat, 22 Mar 2025 18:25:09 +0000 (GMT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1tw3Wp-0003Km-Ql; Sat, 22 Mar 2025 14:25:03 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tw3Wo-0003KB-6G
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:02 -0400
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tw3Wn-0007Sl-Qx
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:01 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org;
 h=MIME-Version:References:In-Reply-To:Date:From:To:Subject;
 bh=ouYdNfaC0QwHW11cPWbtQzpWy1fT9SCFNFQGRqlUg78=;
 b=VGGuaMUp072H4+ABV4NiQRrbK6AwKz5ip5Cv8HPv0JtOSzV4wCZBGAk+ocsIKcVd3tO/kNU584Vjo0Bgt4peePMnTX2DkunNkhZS2zJctX+SZgt2AUGbrLDE91epzPauFf7MWK2pP4EjTw5FVg9z034KiZsvq+QJLWBoPys7fW2C0ZfWfkZp7QHRSqI0w80ainiMVtOVRfqPXCUqslblkFFVJzQY/3yaaJOAE0E1zclQ5y3Mfh2jhbZqKE+T2QlxP8v43tfvh96QevXWt8FCTS8zO+LcDBRqAaP/XDlVGV+9Zl7E3xC6Im8eOv51pX3NdUQ7iBz1oTlFi/EWj/0FcA==;
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1tw3Wn-0007vL-Lf
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:01 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#77189] [PATCH 1/3] services: guix: Factorize =?utf-8?b?4oCY?=
	=?utf-8?b?Z3VpeC1kYWVtb27igJk=?= arguments.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sat, 22 Mar 2025 18:25:01 +0000
Resent-Message-ID: <handler.77189.B77189.174266784730233@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 77189
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 77189@debbugs.gnu.org
Cc: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Received: via spool by 77189-submit@debbugs.gnu.org id=B77189.174266784730233
 (code B ref 77189); Sat, 22 Mar 2025 18:25:01 +0000
Received: (at 77189) by debbugs.gnu.org; 22 Mar 2025 18:24:07 +0000
Received: from localhost ([127.0.0.1]:45402 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1tw3Vu-0007rX-Eg
 for submit@debbugs.gnu.org; Sat, 22 Mar 2025 14:24:07 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:59288)
 by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <ludo@gnu.org>) id 1tw3Vq-0007qP-Qh
 for 77189@debbugs.gnu.org; Sat, 22 Mar 2025 14:24:03 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1tw3Vl-0007Mm-Gw; Sat, 22 Mar 2025 14:23:57 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To:
 From; bh=ouYdNfaC0QwHW11cPWbtQzpWy1fT9SCFNFQGRqlUg78=; b=hFpAjMZIZ2myAO/QBrvb
 Eq5Gl1g3s+JWf20VNNQnL+BSbaH4oPK3v8ZIMLFupF0PAO4gysR1mwHy+KzWtWNKIpNuvpMuoW2zW
 eXTgEbwy9Ps6rHRCt8JnMxch6e037jTtXosOc/X1r0NSFL55ju0NEECHy0g2AazXIUSfU/nSj2Gq5
 pT94ynEb0BLIj+mUi3U/GM48qDcN68ZVNsWotkv5bQhjWkt7Z4ovacpqfzGx2J7hCe6sKYzOm38GY
 Pw4k0X3m/vp3FRwcGbG0hEyHNnJkBuP/JbEH/ZgHMCPVtXtyx/S+F8tbTybsQT8Q3kWvgqVLI3Ppz
 T1Z1/YdgkiRaow==;
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sat, 22 Mar 2025 19:23:34 +0100
Message-ID: 
 <7dbcbbbd99883ac9c4655447ab0df451dfc59b94.1742667082.git.ludo@gnu.org>
X-Mailer: git-send-email 2.48.1
In-Reply-To: <cover.1742667082.git.ludo@gnu.org>
References: <cover.1742667082.git.ludo@gnu.org>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

* gnu/services/base.scm (guix-shepherd-service): In ‘start’ method,
move ‘fork+exec-command/container’ arguments to the new variables
‘daemon-command’ and ‘environment-variables’.

Change-Id: Ic04a1006849697e4e185ad94185bbdec8a91a05a
---
 gnu/services/base.scm | 115 ++++++++++++++++++++++--------------------
 1 file changed, 59 insertions(+), 56 deletions(-)

diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 0d2bb31190..6793822666 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -2061,6 +2061,63 @@ (define (guix-shepherd-service config)
                   (define discover?
                     (or (getenv "discover") #$discover?))
 
+                  (define daemon-command
+                    (cons* #$(file-append guix "/bin/guix-daemon")
+                           "--build-users-group" #$build-group
+                           "--max-silent-time"
+                           #$(number->string max-silent-time)
+                           "--timeout" #$(number->string timeout)
+                           "--log-compression"
+                           #$(symbol->string log-compression)
+                           #$@(if use-substitutes?
+                                  '()
+                                  '("--no-substitutes"))
+                           (string-append "--discover="
+                                          (if discover? "yes" "no"))
+                           "--substitute-urls" #$(string-join substitute-urls)
+                           #$@extra-options
+
+                           #$@(if chroot?
+                                  '()
+                                  '("--disable-chroot"))
+                           ;; Add CHROOT-DIRECTORIES and all their dependencies
+                           ;; (if these are store items) to the chroot.
+                           (append-map
+                            (lambda (file)
+                              (append-map (lambda (directory)
+                                            (list "--chroot-directory"
+                                                  directory))
+                                          (call-with-input-file file
+                                            read)))
+                            '#$(map references-file
+                                    chroot-directories))))
+
+                  (define environment-variables
+                    (append (list #$@(if tmpdir
+                                         (list (string-append "TMPDIR=" tmpdir))
+                                         '())
+
+                                  ;; Make sure we run in a UTF-8 locale so that
+                                  ;; 'guix offload' correctly restores nars
+                                  ;; that contain UTF-8 file names such as
+                                  ;; 'nss-certs'.  See
+                                  ;; <https://bugs.gnu.org/32942>.
+                                  (string-append "GUIX_LOCPATH="
+                                                 #$locales "/lib/locale")
+                                  "LC_ALL=en_US.utf8"
+                                  ;; Make 'tar' and 'gzip' available so
+                                  ;; that 'guix perform-download' can use
+                                  ;; them when downloading from Software
+                                  ;; Heritage via '(guix swh)'.
+                                  (string-append "PATH="
+                                                 #$(file-append tar "/bin") ":"
+                                                 #$(file-append gzip "/bin")))
+                            (if proxy
+                                (list (string-append "http_proxy=" proxy)
+                                      (string-append "https_proxy=" proxy))
+                                '())
+                            '#$environment))
+
                   (mkdir-p "/var/guix")
                   ;; Ensure that a fresh directory is used, in case the old
                   ;; one was more permissive and processes have a file
@@ -2084,35 +2141,7 @@ (define (guix-shepherd-service config)
                   ;; to solve an installation issue. See the comment below for
                   ;; more details.
                   (fork+exec-command/container
-                   (cons* #$(file-append guix "/bin/guix-daemon")
-                          "--build-users-group" #$build-group
-                          "--max-silent-time"
-                          #$(number->string max-silent-time)
-                          "--timeout" #$(number->string timeout)
-                          "--log-compression"
-                          #$(symbol->string log-compression)
-                          #$@(if use-substitutes?
-                                 '()
-                                 '("--no-substitutes"))
-                          (string-append "--discover="
-                                         (if discover? "yes" "no"))
-                          "--substitute-urls" #$(string-join substitute-urls)
-                          #$@extra-options
-
-                          #$@(if chroot?
-                                 '()
-                                 '("--disable-chroot"))
-                          ;; Add CHROOT-DIRECTORIES and all their dependencies
-                          ;; (if these are store items) to the chroot.
-                          (append-map
-                           (lambda (file)
-                             (append-map (lambda (directory)
-                                           (list "--chroot-directory"
-                                                 directory))
-                                         (call-with-input-file file
-                                           read)))
-                           '#$(map references-file
-                                   chroot-directories)))
+                   daemon-command
 
                    ;; When running the installer, we need guix-daemon to
                    ;; operate from within the same MNT namespace as the
@@ -2123,33 +2152,7 @@ (define (guix-shepherd-service config)
                    #:pid (match args
                            ((pid) (string->number pid))
                            (else (getpid)))
-
-                   #:environment-variables
-                   (append (list #$@(if tmpdir
-                                        (list (string-append "TMPDIR=" tmpdir))
-                                        '())
-
-                                 ;; Make sure we run in a UTF-8 locale so that
-                                 ;; 'guix offload' correctly restores nars
-                                 ;; that contain UTF-8 file names such as
-                                 ;; 'nss-certs'.  See
-                                 ;; <https://bugs.gnu.org/32942>.
-                                 (string-append "GUIX_LOCPATH="
-                                                #$locales "/lib/locale")
-                                 "LC_ALL=en_US.utf8"
-                                 ;; Make 'tar' and 'gzip' available so
-                                 ;; that 'guix perform-download' can use
-                                 ;; them when downloading from Software
-                                 ;; Heritage via '(guix swh)'.
-                                 (string-append "PATH="
-                                                #$(file-append tar "/bin") ":"
-                                                #$(file-append gzip "/bin")))
-                           (if proxy
-                               (list (string-append "http_proxy=" proxy)
-                                     (string-append "https_proxy=" proxy))
-                               '())
-                           '#$environment)
-
+                   #:environment-variables environment-variables
                    #:log-file #$log-file))))
            (stop #~(make-kill-destructor))))))
 

From patchwork Sat Mar 22 18:23:35 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 40650
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id BEE3027BBEC; Sat, 22 Mar 2025 18:25:32 +0000 (GMT)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED,
	RCVD_IN_VALIDITY_CERTIFIED,RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,
	SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no
	version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 2331227BBE2
	for <patchwork@mira.cbaines.net>; Sat, 22 Mar 2025 18:25:32 +0000 (GMT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1tw3Wq-0003Ll-Nl; Sat, 22 Mar 2025 14:25:04 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tw3Wo-0003KJ-PZ
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:02 -0400
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tw3Wo-0007Sv-9E
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:02 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org;
 h=MIME-Version:References:In-Reply-To:Date:From:To:Subject;
 bh=3uvC8Do/dW7R29ikCRwTdB7fEOK6nqqpHzpQ0qoHDFQ=;
 b=ve3deRTwgzXLUNV/aMnbBSFTCeubew5z1qE3lDR17KmaxAIjI16TX9OOQ830AeoOx5RJxMauM79Cfvf1CrkehSqW8kCPGVrg40fCEVYYxY0NA9sDk12K82KbRadA3x/ztqwYhPZedfAT1j5btYCribSO0oJS8KWrA5MSwQMLdBPbm0tCR0ekrwlYbdtrwYHDd3r49ntrhCCm65fCAGT81WziAuUExlYxFiVebE3H4rAzJ8meNxgdYpIXICyESmfqqkdVeIi4AfqCUdygFw4Ngv9p2Oviydghei6oe65rL4EMeCwtK6APK/dm+WHKDltkmqKbRYIdAI1QBkF6GeyE+w==;
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1tw3Wo-0007vW-4l
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#77189] [PATCH 2/3] services: guix: Streamline the default
	=?utf-8?b?4oCYc3RhcnTigJk=?= case.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sat, 22 Mar 2025 18:25:02 +0000
Resent-Message-ID: <handler.77189.B77189.174266785230257@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 77189
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 77189@debbugs.gnu.org
Cc: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Received: via spool by 77189-submit@debbugs.gnu.org id=B77189.174266785230257
 (code B ref 77189); Sat, 22 Mar 2025 18:25:02 +0000
Received: (at 77189) by debbugs.gnu.org; 22 Mar 2025 18:24:12 +0000
Received: from localhost ([127.0.0.1]:45406 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1tw3W0-0007rw-5L
 for submit@debbugs.gnu.org; Sat, 22 Mar 2025 14:24:12 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:40224)
 by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <ludo@gnu.org>) id 1tw3Vt-0007qh-SY
 for 77189@debbugs.gnu.org; Sat, 22 Mar 2025 14:24:06 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1tw3Vo-0007Mw-Aa; Sat, 22 Mar 2025 14:24:00 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To:
 From; bh=3uvC8Do/dW7R29ikCRwTdB7fEOK6nqqpHzpQ0qoHDFQ=; b=CP47KBauXxaiBN+8myTY
 3cbT03C8YpkUCW7T9Rzik/Mp/bdaYrqL+IVIRV26fBucSEundk4rJyk8BwhFKQ/I2Z9l/vez7ZG86
 CxvC7JUnOgGIvS0iPHoffJk91llqd5YGl/vL13OEBpZ4GAawDA9huesDY2RtHhPEZZKpAdfR4yWRE
 wRGL8j8rSkat5RlqGKrY5UcZ705EVJFLppE5iUP4UeZOH/87CNKflru01DNFudHvuQMkV8wah/Q1k
 byDwkE3ANg9Jt8UXrgDYCO86XS3famIM/nefaHId3DVc1GefaV1eBKUSlU16hNnO4TDxHSWrtIXZR
 Mu97P6wDSB4I3A==;
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sat, 22 Mar 2025 19:23:35 +0100
Message-ID: 
 <993d04f2cd1957d02ac054fc403c9436807f7734.1742667082.git.ludo@gnu.org>
X-Mailer: git-send-email 2.48.1
In-Reply-To: <cover.1742667082.git.ludo@gnu.org>
References: <cover.1742667082.git.ludo@gnu.org>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

* gnu/services/base.scm (guix-shepherd-service): In ‘start’ method, use
‘fork+exec-command’ in the default case.

Change-Id: Id04d3d2651f89fbcdb2f17f027df91e132ff9ed1
---
 gnu/services/base.scm | 31 ++++++++++++++-----------------
 1 file changed, 14 insertions(+), 17 deletions(-)

diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 6793822666..c7abc9b422 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -2137,23 +2137,20 @@ (define (guix-shepherd-service config)
                          (gid (if group (group:gid (getgrnam group)) -1)))
                     (chown "/var/guix/daemon-socket" uid gid))
 
-                  ;; Start the guix-daemon from a container, when supported,
-                  ;; to solve an installation issue. See the comment below for
-                  ;; more details.
-                  (fork+exec-command/container
-                   daemon-command
-
-                   ;; When running the installer, we need guix-daemon to
-                   ;; operate from within the same MNT namespace as the
-                   ;; installation container. In that case only, enter the
-                   ;; namespace of the process PID passed as start argument.
-                   ;; Otherwise, for symmetry purposes enter the caller
-                   ;; namespaces which is a no-op.
-                   #:pid (match args
-                           ((pid) (string->number pid))
-                           (else (getpid)))
-                   #:environment-variables environment-variables
-                   #:log-file #$log-file))))
+                  (match args
+                    (((= string->number (? integer? pid)))
+                     ;; Start the guix-daemon in the same mnt namespace as
+                     ;; PID.  This is necessary when running the installer.
+                     (fork+exec-command/container
+                      daemon-command
+                      #:pid pid
+                      #:environment-variables environment-variables
+                      #:log-file #$log-file))
+                    (()
+                     (fork+exec-command daemon-command
+                                        #:environment-variables
+                                        environment-variables
+                                        #:log-file #$log-file))))))
            (stop #~(make-kill-destructor))))))
 
 (define (guix-accounts config)

From patchwork Sat Mar 22 18:23:36 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 40651
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id C2D6C27BBE2; Sat, 22 Mar 2025 18:25:33 +0000 (GMT)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED,
	RCVD_IN_VALIDITY_CERTIFIED,RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE,
	SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no
	version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 7F4E027BBEA
	for <patchwork@mira.cbaines.net>; Sat, 22 Mar 2025 18:25:32 +0000 (GMT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1tw3Wr-0003MP-Bm; Sat, 22 Mar 2025 14:25:05 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tw3Wp-0003KQ-89
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:03 -0400
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1tw3Wo-0007U5-Sd
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:02 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=debbugs.gnu.org; s=debbugs-gnu-org;
 h=MIME-Version:References:In-Reply-To:Date:From:To:Subject;
 bh=gq5AfWz82gt/hVmDKhQeG1+wYJ7OfmOVitOCKeZF2Ec=;
 b=P9HFbJR2Z1XuaWKkAfGOTo8lb+nNIt9xTA++CsDZM8CMV09OUoyd4tyi6fwa0eaT+YS5GES2yXK+dNd+QGkGg626YCzvryh61CRTcU74iEcGoTHaaueb1Bb6icTe1z/XkIRMgEBLdYCa7fcwvFUZEPJdQp+n1g0BTduYmu/xbebn6uRHj1dLMPiq2JlKmE315RddZRPVWXyAbLieWDrJRmbn3Zbew4LKsH8689WJWyb4TU3w3OyBdSfzceLKjub0ZcxgX+QczY8F0KnxUEtSjBWcseh2ilixyVFV9Mj7cOBWPTte1mpnYAzy4EgaJsxeOm1JmYQcy7yzAo8myWQigw==;
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1tw3Wo-0007vf-Nf
 for guix-patches@gnu.org; Sat, 22 Mar 2025 14:25:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#77189] [PATCH 3/3] services: guix: Socket-activate
	=?utf-8?b?4oCYZ3VpeC1kYWVtb27igJku?=
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sat, 22 Mar 2025 18:25:02 +0000
Resent-Message-ID: <handler.77189.B77189.174266785330264@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 77189
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 77189@debbugs.gnu.org
Cc: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Received: via spool by 77189-submit@debbugs.gnu.org id=B77189.174266785330264
 (code B ref 77189); Sat, 22 Mar 2025 18:25:02 +0000
Received: (at 77189) by debbugs.gnu.org; 22 Mar 2025 18:24:13 +0000
Received: from localhost ([127.0.0.1]:45408 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1tw3W0-0007s0-LX
 for submit@debbugs.gnu.org; Sat, 22 Mar 2025 14:24:13 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:40240)
 by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.84_2) (envelope-from <ludo@gnu.org>) id 1tw3Vx-0007rJ-KG
 for 77189@debbugs.gnu.org; Sat, 22 Mar 2025 14:24:10 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1tw3Vs-0007NH-BW; Sat, 22 Mar 2025 14:24:04 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To:
 From; bh=gq5AfWz82gt/hVmDKhQeG1+wYJ7OfmOVitOCKeZF2Ec=; b=d/ayB/1TzdeWvzz6nGk7
 QbsCb0eC29GRzPvgn2ZkbqPl2Ajkm+lyI9bo6Vrp0NTeZO/gDTYCZE45ZZjy799/UYQHclgQBIyE7
 8RRU7XTE/OZbHH44/1nfnHxFsMhqEAL8n4CDItD6yRoG3AZcHDYF5Az3k9leA+kL7ShJZOmNhJTYP
 d/DDfZ9djHPQRSNIXNC14lKRiD6gyCTc+TwEjU2WJ0sMXmv8kD2KU8LUKBkWq65IbRmMwaiQkcM6m
 v7ISMLd4fazvq1Cgb+8OHRmBqaVYGG5qRd2BirujYaELp0ejDq5ngmoRrioyIctpCGcSUOdxXw9ZM
 +A//rbHQI3gokg==;
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Date: Sat, 22 Mar 2025 19:23:36 +0100
Message-ID: 
 <61aa1ba0be9a26f3789962e78e91b6cbe91105da.1742667082.git.ludo@gnu.org>
X-Mailer: git-send-email 2.48.1
In-Reply-To: <cover.1742667082.git.ludo@gnu.org>
References: <cover.1742667082.git.ludo@gnu.org>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

* gnu/services/base.scm (guix-shepherd-service): Change ‘start’ to use
‘make-systemd-constructor’ in the default case.  Remove now-redundant
code creating /var/guix/daemon-socket/.  Adjust ‘stop’ method to use
‘make-systemd-destructor’ when appropriate.

Change-Id: I3572670c90f65509fbad01dcf13a60f772a86839
---
 gnu/services/base.scm | 40 +++++++++++++++++++++++-----------------
 1 file changed, 23 insertions(+), 17 deletions(-)

diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index c7abc9b422..9a9dfdb304 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -2118,40 +2118,46 @@ (define (guix-shepherd-service config)
                                 '())
                             '#$environment))
 
-                  (mkdir-p "/var/guix")
                   ;; Ensure that a fresh directory is used, in case the old
                   ;; one was more permissive and processes have a file
                   ;; descriptor referencing it hanging around, ready to use
                   ;; with openat.
                   (false-if-exception
                    (delete-file-recursively "/var/guix/daemon-socket"))
-                  (let ((perms #$(logand socket-directory-permissions
-                                         (lognot #o022))))
-                    (mkdir "/var/guix/daemon-socket" perms)
-                    ;; Override umask
-                    (chmod "/var/guix/daemon-socket" perms))
-
-                  (let* ((user #$socket-directory-user)
-                         (uid (if user (passwd:uid (getpwnam user)) -1))
-                         (group #$socket-directory-group)
-                         (gid (if group (group:gid (getgrnam group)) -1)))
-                    (chown "/var/guix/daemon-socket" uid gid))
 
                   (match args
                     (((= string->number (? integer? pid)))
                      ;; Start the guix-daemon in the same mnt namespace as
                      ;; PID.  This is necessary when running the installer.
+                     ;; Assume /var/guix/daemon-socket was created by a
+                     ;; previous 'start' call without arguments.
                      (fork+exec-command/container
                       daemon-command
                       #:pid pid
                       #:environment-variables environment-variables
                       #:log-file #$log-file))
                     (()
-                     (fork+exec-command daemon-command
-                                        #:environment-variables
-                                        environment-variables
-                                        #:log-file #$log-file))))))
-           (stop #~(make-kill-destructor))))))
+                     ;; Default to socket activation.
+                     (let ((socket (endpoint
+                                    (make-socket-address
+                                     AF_UNIX
+                                     "/var/guix/daemon-socket/socket")
+                                    #:name "socket"
+                                    #:socket-owner
+                                    (or #$socket-directory-user 0)
+                                    #:socket-group
+                                    (or #$socket-directory-group 0)
+                                    #:socket-directory-permissions
+                                    #$socket-directory-permissions)))
+                       ((make-systemd-constructor daemon-command
+                                                  (list socket)
+                                                  #:environment-variables
+                                                  environment-variables
+                                                  #:log-file #$log-file))))))))
+           (stop #~(lambda (value)
+                     (if (or (process? value) (integer? value))
+                         ((make-kill-destructor) value)
+                         ((make-systemd-destructor) value))))))))
 
 (define (guix-accounts config)
   "Return the user accounts and user groups for CONFIG."