GNU bug report logs - #47849
[PATCH] Add a jami-daemon service.

Previous Next

Full log

Message #32 received at 47849 <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Maxime Devos <maximedevos <at> telenet.be>
Cc: 47849 <at> debbugs.gnu.org
Subject: Re: [bug#47849] [PATCH 1/1] services: Add a service for the Jami
 daemon.
Date: Thu, 20 May 2021 08:37:19 -0400

Hello Maxime.

Maxime Devos <maximedevos <at> telenet.be> writes:

> Maxim Cournoyer schreef op za 17-04-2021 om 16:06 [-0400]:
>> +                ;; Start the daemon.
>> +                (define daemon-pid
>> +                  (fork+exec-command
>> +                   '#$(jami-daemon-configuration->command-line-arguments config)
>> +                   #:user "jami"
>> +                   #:group "jami"
>> +                   #:environment-variables
>> +                   (list (string-append "DBUS_SESSION_BUS_ADDRESS="
>> +                                        "unix:path=/var/run/jami/bus"))))
>
> It would be nice if this could be run in a container
> that only has access to the relevant parts of the file system
> (and not, say, /run/setuid-programs).  See, e.g., gnu/build/linux-container.scm.

That's now the case in the just-sent v2, both for the D-Bus session
service as well as the Jami process itself :-).  I figured out I could
simply call make-forkexec+constructor/container and execute apply the
resulting procedure.

I've also manage to (with much difficulty!) have the service properly
start, stop or restart without races.  The new tests proved really
useful for the lengthy trial and error process that I had to go through.

Thanks for your patience!

Maxim

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.