From patchwork Sat Apr  1 17:35:53 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bruno Victal <mirai@makinata.eu>
X-Patchwork-Id: 11924
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 3C7AD172C2; Sat,  1 Apr 2023 18:37:12 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_MSPIKE_H2,SPF_HELO_PASS autolearn=ham autolearn_force=no
	version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 7655A17286
	for <patchwork@mira.cbaines.net>; Sat,  1 Apr 2023 18:37:11 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1pif9z-0002zm-Rw; Sat, 01 Apr 2023 13:37:03 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pif9y-0002zd-Hu
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:37:02 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pif9x-0006k1-QN
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:37:01 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pif9x-00010k-Lg
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:37:01 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#62465] [PATCH v4 1/3] services: mcron: Add
 'shepherd-requirement' field.
References: 
 <47e924fd42f74fc2800dc64399f7a069ad463515.1679854500.git.mirai@makinata.eu>
In-Reply-To: 
 <47e924fd42f74fc2800dc64399f7a069ad463515.1679854500.git.mirai@makinata.eu>
Resent-From: Bruno Victal <mirai@makinata.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sat, 01 Apr 2023 17:37:01 +0000
Resent-Message-ID: <handler.62465.B62465.16803705703823@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 62465
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 62465@debbugs.gnu.org
Cc: Bruno Victal <mirai@makinata.eu>, maxim.cournoyer@gmail.com
Received: via spool by 62465-submit@debbugs.gnu.org id=B62465.16803705703823
 (code B ref 62465); Sat, 01 Apr 2023 17:37:01 +0000
Received: (at 62465) by debbugs.gnu.org; 1 Apr 2023 17:36:10 +0000
Received: from localhost ([127.0.0.1]:38540 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1pif98-0000zb-H5
 for submit@debbugs.gnu.org; Sat, 01 Apr 2023 13:36:10 -0400
Received: from smtpmciv3.myservices.hosting ([185.26.107.239]:39432)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mirai@makinata.eu>) id 1pif96-0000zS-05
 for 62465@debbugs.gnu.org; Sat, 01 Apr 2023 13:36:10 -0400
Received: from mail1.netim.hosting (unknown [185.26.106.173])
 by smtpmciv3.myservices.hosting (Postfix) with ESMTP id A4BE220861;
 Sat,  1 Apr 2023 19:36:06 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by mail1.netim.hosting (Postfix) with ESMTP id 52DF380098;
 Sat,  1 Apr 2023 19:36:06 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting
Received: from mail1.netim.hosting ([127.0.0.1])
 by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id u-OpSAsE2Kpd; Sat,  1 Apr 2023 19:36:05 +0200 (CEST)
Received: from guix-nuc.home.arpa (unknown [10.192.1.83])
 (Authenticated sender: lumen@makinata.eu)
 by mail1.netim.hosting (Postfix) with ESMTPSA id 9EF1B80097;
 Sat,  1 Apr 2023 19:36:05 +0200 (CEST)
From: Bruno Victal <mirai@makinata.eu>
Date: Sat,  1 Apr 2023 18:35:53 +0100
Message-Id: 
 <c36bb61c1bc857d2d4972e31f7c69ebe8fbd441d.1680370145.git.mirai@makinata.eu>
X-Mailer: git-send-email 2.39.1
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

* gnu/services/mcron.scm (mcron-configuration)[shepherd-requirement]: New field.
(list-of-symbols?): New predicate.
(mcron-shepherd-services): Add support for additional shepherd requirements.
* doc/guix.texi (Scheduled Job Execution): Update it.
---

Notable changes since v3:
* Implemented adjustable user, group and supplementary groups for mcron service.
  These are especially useful when configuring multiple instances. This also aligns
  with upstream recommendation to run multiple mcron instances with lesser
  privileged accounts.

Quoting mcron commit 0fe4d2cc9544d24ecc3e74a2d92433e01b9e25c6:
> I don't believe that anyone should be running system-wide cron processes these
> days (the attack surface is rather large), but should use separate per-user or
> per-service mcron daemon processes.

Tested with 'make check-system TESTS=mcron'.

 doc/guix.texi          |  4 ++++
 gnu/services/mcron.scm | 13 +++++++++++--
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index a58ea8f9ec..56aa86118a 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -19379,6 +19379,10 @@ Scheduled Job Execution
 @item @code{mcron} (default: @code{mcron}) (type: file-like)
 The mcron package to use.
 
+@item @code{shepherd-requirement} (default: @code{()}) (type: list-of-symbols)
+This is a list of symbols naming Shepherd services that this service
+will depend on.
+
 @item @code{jobs} (default: @code{()}) (type: list-of-gexps)
 This is a list of gexps (@pxref{G-Expressions}), where each gexp
 corresponds to an mcron job specification (@pxref{Syntax, mcron job
diff --git a/gnu/services/mcron.scm b/gnu/services/mcron.scm
index 2ef5980e09..99eb0edd60 100644
--- a/gnu/services/mcron.scm
+++ b/gnu/services/mcron.scm
@@ -32,6 +32,7 @@ (define-module (gnu services mcron)
   #:export (mcron-configuration
             mcron-configuration?
             mcron-configuration-mcron
+            mcron-configuration-shepherd-requirement
             mcron-configuration-jobs
             mcron-configuration-log?
             mcron-configuration-log-file
@@ -58,6 +59,9 @@ (define-module (gnu services mcron)
 (define list-of-gexps?
   (list-of gexp?))
 
+(define list-of-symbols?
+  (list-of symbol?))
+
 (define-maybe/no-serialization string)
 
 (define-configuration/no-serialization mcron-configuration
@@ -65,6 +69,11 @@ (define-configuration/no-serialization mcron-configuration
    (file-like mcron)
    "The mcron package to use.")
 
+  (shepherd-requirement
+   (list-of-symbols '())
+   "This is a list of symbols naming Shepherd services that this service
+will depend on.")
+
   (jobs
    (list-of-gexps '())
    "This is a list of gexps (@pxref{G-Expressions}), where each gexp
@@ -158,13 +167,13 @@ (define (shepherd-schedule-action mcron files)
 
 (define (mcron-shepherd-services config)
   (match-record config <mcron-configuration>
-    (mcron jobs log? log-file log-format date-format)
+    (mcron shepherd-requirement jobs log? log-file log-format date-format)
     (if (eq? jobs '())
         '()                             ;nothing to do
         (let ((files (job-files mcron jobs)))
           (list (shepherd-service
                  (provision '(mcron))
-                 (requirement '(user-processes))
+                 (requirement `(user-processes ,@shepherd-requirement))
                  (modules `((srfi srfi-1)
                             (srfi srfi-26)
                             (ice-9 popen) ;for the 'schedule' action

From patchwork Sat Apr  1 17:35:54 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bruno Victal <mirai@makinata.eu>
X-Patchwork-Id: 11925
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id DB6CD172B9; Sat,  1 Apr 2023 18:38:24 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable
	autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id D875616D22
	for <patchwork@mira.cbaines.net>; Sat,  1 Apr 2023 18:38:20 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1pifB3-0003AQ-AI; Sat, 01 Apr 2023 13:38:09 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pifB2-0003A4-4d
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:38:08 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pifAw-0006n3-Kp
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:38:06 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pifAw-00012U-3i
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:38:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#62465] [PATCH v4 2/3] services: mcron: Add instance name support
 for mcron.
Resent-From: Bruno Victal <mirai@makinata.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sat, 01 Apr 2023 17:38:02 +0000
Resent-Message-ID: <handler.62465.B62465.16803706403942@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 62465
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 62465@debbugs.gnu.org
Cc: Bruno Victal <mirai@makinata.eu>, maxim.cournoyer@gmail.com
Received: via spool by 62465-submit@debbugs.gnu.org id=B62465.16803706403942
 (code B ref 62465); Sat, 01 Apr 2023 17:38:02 +0000
Received: (at 62465) by debbugs.gnu.org; 1 Apr 2023 17:37:20 +0000
Received: from localhost ([127.0.0.1]:38544 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1pifAG-00011V-0F
 for submit@debbugs.gnu.org; Sat, 01 Apr 2023 13:37:20 -0400
Received: from smtpmciv1.myservices.hosting ([185.26.107.237]:47650)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mirai@makinata.eu>) id 1pifAE-00011N-BO
 for 62465@debbugs.gnu.org; Sat, 01 Apr 2023 13:37:19 -0400
Received: from mail1.netim.hosting (unknown [185.26.106.173])
 by smtpmciv1.myservices.hosting (Postfix) with ESMTP id 7C0A720D4B;
 Sat,  1 Apr 2023 19:37:17 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by mail1.netim.hosting (Postfix) with ESMTP id 20D4A8009D;
 Sat,  1 Apr 2023 19:37:17 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting
Received: from mail1.netim.hosting ([127.0.0.1])
 by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id G7hG83HLpm6z; Sat,  1 Apr 2023 19:37:16 +0200 (CEST)
Received: from guix-nuc.home.arpa (unknown [10.192.1.83])
 (Authenticated sender: lumen@makinata.eu)
 by mail1.netim.hosting (Postfix) with ESMTPSA id 4A28F8009B;
 Sat,  1 Apr 2023 19:37:16 +0200 (CEST)
From: Bruno Victal <mirai@makinata.eu>
Date: Sat,  1 Apr 2023 18:35:54 +0100
Message-Id: 
 <32221c49b24430902cbd0b7881a26e8a813ec871.1680370145.git.mirai@makinata.eu>
X-Mailer: git-send-email 2.39.1
In-Reply-To: 
 <c36bb61c1bc857d2d4972e31f7c69ebe8fbd441d.1680370145.git.mirai@makinata.eu>
References: 
 <c36bb61c1bc857d2d4972e31f7c69ebe8fbd441d.1680370145.git.mirai@makinata.eu>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

Allow running more than one mcron instance.
Make log-file a mandatory field when instantiating
mcron-configuration records.

Follow-up to <https://issues.guix.gnu.org/62169>.

* gnu/services/mcron.scm (mcron-configuration)[instance-name]: New field.
[log-file]: Update description. Remove default value.
(mcron-shepherd-services): Implement instance-name support. Set the
default service instantiation to log to /var/log/mcron.log.
* gnu/tests/base.scm (%mcron-os): Update tests.
* doc/guix.texi (Scheduled Job Execution): Update it.
---
 doc/guix.texi          | 32 ++++++++++++++++++++++++++++++--
 gnu/services/mcron.scm | 28 ++++++++++++++++++++++------
 gnu/tests/base.scm     |  4 +++-
 3 files changed, 55 insertions(+), 9 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 56aa86118a..e2781cb439 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -19383,6 +19383,10 @@ Scheduled Job Execution
 This is a list of symbols naming Shepherd services that this service
 will depend on.
 
+@item @code{instance} (type: maybe-symbol)
+Set the shepherd service name to @code{mcron-@var{instance}}.  This is
+useful when you want to have more than one mcron instance.
+
 @item @code{jobs} (default: @code{()}) (type: list-of-gexps)
 This is a list of gexps (@pxref{G-Expressions}), where each gexp
 corresponds to an mcron job specification (@pxref{Syntax, mcron job
@@ -19391,8 +19395,10 @@ Scheduled Job Execution
 @item @code{log?} (default: @code{#t}) (type: boolean)
 Log messages to standard output.
 
-@item @code{log-file} (default: @code{"/var/log/mcron.log"}) (type: string)
-Log file location.
+@item @code{log-file} (type: string)
+Log file location.  By default, the main mcron instance (which is
+instantiated with @samp{(service mcron-service-type)}) is set to log to
+@file{/var/log/mcron.log}.
 
 @item @code{log-format} (default: @code{"~1@@*~a ~a: ~a~%"}) (type: string)
 @code{(ice-9 format)} format string for log messages.  The default value
@@ -19407,6 +19413,28 @@ Scheduled Job Execution
 @end deftp
 @c %end of fragment
 
+Occasionally, it is desirable to run another mcron instance to separate
+some of the jobs from the main mcron instance for clarity purposes, or if
+the jobs are very chatty and frequent. (for example, a heartbeat check
+every 30 seconds)
+
+The example below shows how an extra mcron service can be defined.
+@lisp
+(use (guix)
+     (guix records)
+     (gnu services)
+     (gnu services mcron))
+
+(define secondary-mcron-service-type
+  (service-type
+   (inherit mcron-service-type)
+   (name 'mcron-secondary)
+   (default-value
+     (mcron-configuration
+       (instance 'secondary)
+       (log-file "/var/log/mcron-secondary.log")))))
+@end lisp
+
 @node Log Rotation
 @subsection Log Rotation
 
diff --git a/gnu/services/mcron.scm b/gnu/services/mcron.scm
index 99eb0edd60..164ef0e723 100644
--- a/gnu/services/mcron.scm
+++ b/gnu/services/mcron.scm
@@ -27,12 +27,14 @@ (define-module (gnu services mcron)
   #:use-module (guix records)
   #:use-module (guix gexp)
   #:use-module (srfi srfi-1)
+  #:use-module (ice-9 format)
   #:use-module (ice-9 match)
   #:use-module (ice-9 vlist)
   #:export (mcron-configuration
             mcron-configuration?
             mcron-configuration-mcron
             mcron-configuration-shepherd-requirement
+            mcron-configuration-instance
             mcron-configuration-jobs
             mcron-configuration-log?
             mcron-configuration-log-file
@@ -63,6 +65,7 @@ (define list-of-symbols?
   (list-of symbol?))
 
 (define-maybe/no-serialization string)
+(define-maybe/no-serialization symbol)
 
 (define-configuration/no-serialization mcron-configuration
   (mcron
@@ -74,6 +77,11 @@ (define-configuration/no-serialization mcron-configuration
    "This is a list of symbols naming Shepherd services that this service
 will depend on.")
 
+  (instance
+   maybe-symbol
+   "Set the shepherd service name to @code{mcron-@var{instance}}.
+This is useful when you want to have more than one mcron instance.")
+
   (jobs
    (list-of-gexps '())
    "This is a list of gexps (@pxref{G-Expressions}), where each gexp
@@ -85,8 +93,10 @@ (define-configuration/no-serialization mcron-configuration
    "Log messages to standard output.")
 
   (log-file
-   (string "/var/log/mcron.log")
-   "Log file location.")
+   string
+   "Log file location.  By default, the main mcron instance
+(which is instantiated with @samp{(service mcron-service-type)})
+is set to log to @file{/var/log/mcron.log}.")
 
   (log-format
    (string "~1@*~a ~a: ~a~%")
@@ -167,12 +177,16 @@ (define (shepherd-schedule-action mcron files)
 
 (define (mcron-shepherd-services config)
   (match-record config <mcron-configuration>
-    (mcron shepherd-requirement jobs log? log-file log-format date-format)
+    (mcron shepherd-requirement instance
+     jobs log? log-file log-format date-format)
     (if (eq? jobs '())
         '()                             ;nothing to do
-        (let ((files (job-files mcron jobs)))
+        (let* ((files (job-files mcron jobs))
+               (instance-name
+                (format #f "mcron~@[-~a~]" (maybe-value instance)))
+               (service-name (string->symbol instance-name)))
           (list (shepherd-service
-                 (provision '(mcron))
+                 (provision (list service-name))
                  (requirement `(user-processes ,@shepherd-requirement))
                  (modules `((srfi srfi-1)
                             (srfi srfi-26)
@@ -220,7 +234,9 @@ (define mcron-service-type
                            (inherit config)
                            (jobs (append (mcron-configuration-jobs config)
                                          jobs)))))
-                (default-value (mcron-configuration)))) ;empty job list
+                (default-value
+                  (mcron-configuration
+                   (log-file "/var/log/mcron.log"))))) ;empty job list
 
 
 ;;;
diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm
index 97edbbc6ad..ffff713e4c 100644
--- a/gnu/tests/base.scm
+++ b/gnu/tests/base.scm
@@ -885,7 +885,9 @@ (define %mcron-os
                      "touch witness-touch")))
     (simple-operating-system
      (service mcron-service-type
-              (mcron-configuration (jobs (list job1 job2 job3)))))))
+              (mcron-configuration
+               (jobs (list job1 job2 job3))
+               (log-file "/var/log/mcron.log"))))))
 
 (define (run-mcron-test name)
   (define os

From patchwork Sat Apr  1 17:35:55 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bruno Victal <mirai@makinata.eu>
X-Patchwork-Id: 11926
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id A78A6172BA; Sat,  1 Apr 2023 18:45:29 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_MSPIKE_H2,SPF_HELO_PASS autolearn=ham autolearn_force=no
	version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id AD47616D22
	for <patchwork@mira.cbaines.net>; Sat,  1 Apr 2023 18:45:28 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1pifHu-0005Fa-Sq; Sat, 01 Apr 2023 13:45:15 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pifHj-000586-V6
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:45:04 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1pifHj-0007wQ-2I
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:45:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pifHi-0001Dk-Da
 for guix-patches@gnu.org; Sat, 01 Apr 2023 13:45:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#62465] [PATCH v4 3/3] services: mcron: Add user-name,
 user-group and supplementary-groups fields.
Resent-From: Bruno Victal <mirai@makinata.eu>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sat, 01 Apr 2023 17:45:02 +0000
Resent-Message-ID: <handler.62465.B62465.16803710764636@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 62465
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 62465@debbugs.gnu.org
Cc: Bruno Victal <mirai@makinata.eu>, maxim.cournoyer@gmail.com
Received: via spool by 62465-submit@debbugs.gnu.org id=B62465.16803710764636
 (code B ref 62465); Sat, 01 Apr 2023 17:45:02 +0000
Received: (at 62465) by debbugs.gnu.org; 1 Apr 2023 17:44:36 +0000
Received: from localhost ([127.0.0.1]:38548 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1pifHI-0001Ci-6F
 for submit@debbugs.gnu.org; Sat, 01 Apr 2023 13:44:36 -0400
Received: from smtpmciv3.myservices.hosting ([185.26.107.239]:40988)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mirai@makinata.eu>) id 1pifHG-0001Ca-DM
 for 62465@debbugs.gnu.org; Sat, 01 Apr 2023 13:44:34 -0400
Received: from mail1.netim.hosting (unknown [185.26.106.173])
 by smtpmciv3.myservices.hosting (Postfix) with ESMTP id 7EAEF205DB;
 Sat,  1 Apr 2023 19:44:33 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by mail1.netim.hosting (Postfix) with ESMTP id 47C8E8009B;
 Sat,  1 Apr 2023 19:37:17 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mail1.netim.hosting
Received: from mail1.netim.hosting ([127.0.0.1])
 by localhost (mail1-2.netim.hosting [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id dTfXb07MRUlK; Sat,  1 Apr 2023 19:37:17 +0200 (CEST)
Received: from guix-nuc.home.arpa (unknown [10.192.1.83])
 (Authenticated sender: lumen@makinata.eu)
 by mail1.netim.hosting (Postfix) with ESMTPSA id AF11C8009C;
 Sat,  1 Apr 2023 19:37:16 +0200 (CEST)
From: Bruno Victal <mirai@makinata.eu>
Date: Sat,  1 Apr 2023 18:35:55 +0100
Message-Id: 
 <a73b89b6ea8f4699dd73fde7e6d8432c6c5d15b1.1680370145.git.mirai@makinata.eu>
X-Mailer: git-send-email 2.39.1
In-Reply-To: 
 <c36bb61c1bc857d2d4972e31f7c69ebe8fbd441d.1680370145.git.mirai@makinata.eu>
References: 
 <c36bb61c1bc857d2d4972e31f7c69ebe8fbd441d.1680370145.git.mirai@makinata.eu>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

Allows mcron to be launched with a different user. This is especially useful
when configuring multiple instances.

* gnu/services/mcron.scm
(mcron-configuration)[user, group, supplementary-groups]: New field.
(list-of-user-groups?): New predicate.
(mcron-shepherd-services): Use newly added fields.
* doc/guix.texi (Scheduled Job Execution): Update it.
---
 doc/guix.texi          |  9 +++++++++
 gnu/services/mcron.scm | 31 +++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index e2781cb439..1819e1386c 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -19387,6 +19387,15 @@ Scheduled Job Execution
 Set the shepherd service name to @code{mcron-@var{instance}}.  This is
 useful when you want to have more than one mcron instance.
 
+@item @code{user} (type: maybe-user-account)
+Owner of the @command{mcron} process.
+
+@item @code{group} (type: maybe-user-group)
+Owner group of the @command{mcron} process.
+
+@item @code{supplementary-groups} (type: maybe-list-of-user-groups)
+List of supplementary groups of the @command{mcron} process.
+
 @item @code{jobs} (default: @code{()}) (type: list-of-gexps)
 This is a list of gexps (@pxref{G-Expressions}), where each gexp
 corresponds to an mcron job specification (@pxref{Syntax, mcron job
diff --git a/gnu/services/mcron.scm b/gnu/services/mcron.scm
index 164ef0e723..b4e28fc65d 100644
--- a/gnu/services/mcron.scm
+++ b/gnu/services/mcron.scm
@@ -23,6 +23,7 @@ (define-module (gnu services mcron)
   #:use-module (gnu services configuration)
   #:use-module (gnu services shepherd)
   #:use-module (gnu packages guile-xyz)
+  #:use-module (gnu system accounts)
   #:use-module (guix deprecation)
   #:use-module (guix records)
   #:use-module (guix gexp)
@@ -64,8 +65,14 @@ (define list-of-gexps?
 (define list-of-symbols?
   (list-of symbol?))
 
+(define list-of-user-groups?
+  (list-of user-group?))
+
 (define-maybe/no-serialization string)
 (define-maybe/no-serialization symbol)
+(define-maybe/no-serialization user-account)
+(define-maybe/no-serialization user-group)
+(define-maybe/no-serialization list-of-user-groups)
 
 (define-configuration/no-serialization mcron-configuration
   (mcron
@@ -82,6 +89,18 @@ (define-configuration/no-serialization mcron-configuration
    "Set the shepherd service name to @code{mcron-@var{instance}}.
 This is useful when you want to have more than one mcron instance.")
 
+  (user
+   maybe-user-account
+   "Owner of the @command{mcron} process.")
+
+  (group
+   maybe-user-group
+   "Owner group of the @command{mcron} process.")
+
+  (supplementary-groups
+   maybe-list-of-user-groups
+   "List of supplementary groups of the @command{mcron} process.")
+
   (jobs
    (list-of-gexps '())
    "This is a list of gexps (@pxref{G-Expressions}), where each gexp
@@ -178,6 +197,7 @@ (define (shepherd-schedule-action mcron files)
 (define (mcron-shepherd-services config)
   (match-record config <mcron-configuration>
     (mcron shepherd-requirement instance
+     user group supplementary-groups
      jobs log? log-file log-format date-format)
     (if (eq? jobs '())
         '()                             ;nothing to do
@@ -204,6 +224,17 @@ (define (mcron-shepherd-services config)
                                                 '()))
                                         '())
                                  #$@files)
+                           #$@(if (maybe-value-set? user)
+                                  `(#:user ,(user-account-name user))
+                                  '())
+                           #$@(if (maybe-value-set? group)
+                                  `(#:group ,(user-group-name group))
+                                  '())
+                           #$@(if (maybe-value-set? supplementary-groups)
+                                  `(#:supplementary-groups
+                                    ,#~'#$(map user-group-name
+                                               supplementary-groups))
+                                  '())
 
                            ;; Disable auto-compilation of the job files and
                            ;; set a sane value for 'PATH'.