From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 01 02:07:58 2022 Received: (at submit) by debbugs.gnu.org; 1 Mar 2022 07:07:58 +0000 Received: from localhost ([127.0.0.1]:35297 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nOwc2-0006ye-8p for submit@debbugs.gnu.org; Tue, 01 Mar 2022 02:07:58 -0500 Received: from lists.gnu.org ([209.51.188.17]:55250) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nOwbz-0006yU-AO for submit@debbugs.gnu.org; Tue, 01 Mar 2022 02:07:56 -0500 Received: from eggs.gnu.org ([209.51.188.92]:34030) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nOwbz-00056p-4a for guix-patches@gnu.org; Tue, 01 Mar 2022 02:07:55 -0500 Received: from [2a00:1450:4864:20::62f] (port=38718 helo=mail-ej1-x62f.google.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nOwbm-0003s0-JD for guix-patches@gnu.org; Tue, 01 Mar 2022 02:07:54 -0500 Received: by mail-ej1-x62f.google.com with SMTP id r13so29529168ejd.5 for ; Mon, 28 Feb 2022 23:07:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=75wmsSlr14mzKkpZBqiq1CEZt/ErTeewRLFbbB19M/o=; b=mULNaXSO0k0wHqeplu3K+sTjZhbDwm4JRBSoNVqaooz9/M5dMDYkZUfR7Ca/0KLFnp Dk4HNunPofZeCNkA2HNWkgH/2+14InKr9Z/XzYkYvj84s18K381Z6I/lqrZzv7YHZUBm oGi0Mrqyf1ncE6bYG02MA83RUkgkSUjpVYlx7T8AhXEJa63idvFm20a/vya9OYUCFIXy GVrnk9HWr3/cN2dh3fdS1v43tpLzKpsRDSHeVygB8XIM2SjZQFeB8XEcs0ffY7y0U5V5 8B6DGedA5/Id6YoKHkRtajoH2sdDwbpRsp7snK61M6aPU/NL5OvZiVxcM/+xmj2SK64D nTYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; bh=75wmsSlr14mzKkpZBqiq1CEZt/ErTeewRLFbbB19M/o=; b=HOALzW0lcFPH5sTeyhQTtvXjhEFWE+zF7Mb0RgVAvEZlmO7MTMpTCvCPbJ8pa8vlQx bDhFE3H5tkHWKNDBABk2bXaD6OYOWr7Lrx72qVt6ojHBZWzPVv06aXUxq4wFdzPIQcoq 3TNeCy/ejAoMGwmyfSn8O73GCV16QZNh1EWX3SjBfTo5ZMw0XnzH0DY2ozjnlBw5aJfx G6I/N+CAP5mKsD6bJn4u2Z8KKCVFcobLTO1zjcUveFzK8TS2WhkuyEyleMTVc7z092jR hlPKIo2nkv6ingAfyD0XbQavTfPdfszeOh4wfsrGkJOrtxb5SVbuR7XbWsgqKIzewK3U NpPw== X-Gm-Message-State: AOAM530wvscIx2mZzNBRRjzvqkIKmJUdouoqIGHkgA7WFbnU8zpZ0/sC bbaZy2PHhKB5PX7j9iuAaD3wTg8NyyE= X-Google-Smtp-Source: ABdhPJzkTBx+y0wmz4tHnO2ShykpbKq4ZfLNY6NmuNADwcvvVqcFVfwVwv9ZsuSFbiPCUXIYYw5HAg== X-Received: by 2002:a17:906:a08:b0:6ce:e6d:7a63 with SMTP id w8-20020a1709060a0800b006ce0e6d7a63mr17713309ejf.309.1646118454929; Mon, 28 Feb 2022 23:07:34 -0800 (PST) Received: from lelap.local (catv-89-132-245-188.catv.fixed.vodafone.hu. [89.132.245.188]) by smtp.gmail.com with ESMTPSA id e11-20020aa7d7cb000000b00412a96ba630sm6744987eds.25.2022.02.28.23.07.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 28 Feb 2022 23:07:34 -0800 (PST) From: Attila Lendvai To: guix-patches@gnu.org Subject: [PATCH Shepherd] Factor out a public CALL-IN-FORK. Date: Tue, 1 Mar 2022 08:06:15 +0100 Message-Id: <20220301070615.21028-1-attila@lendvai.name> X-Mailer: git-send-email 2.34.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Host-Lookup-Failed: Reverse DNS lookup failed for 2a00:1450:4864:20::62f (failed) Received-SPF: pass client-ip=2a00:1450:4864:20::62f; envelope-from=attila.lendvai@gmail.com; helo=mail-ej1-x62f.google.com X-Spam_score_int: 0 X-Spam_score: -0.1 X-Spam_bar: / X-Spam_report: (-0.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, PDS_HP_HELO_NORDNS=0.659, RCVD_IN_DNSWL_NONE=-0.0001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-Spam-Score: 0.7 (/) X-Debbugs-Envelope-To: submit Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.8 (-) This enables service implementations to easily inject code that is run before their service is started. One such example is calling setrlimit from a start action to set NOFILE (the open files limit), before the service is exec'ed and thus inherits this value from the parent process, i.e. from Shepherd. * modules/shepherd/service.scm (fork-and-call): New function. (fork+exec-command): Use the above. --- modules/shepherd/service.scm | 51 ++++++++++++++++++++---------------- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/modules/shepherd/service.scm b/modules/shepherd/service.scm index ad8608b..8d5e30f 100644 --- a/modules/shepherd/service.scm +++ b/modules/shepherd/service.scm @@ -79,6 +79,7 @@ make-forkexec-constructor make-kill-destructor exec-command + fork-and-call fork+exec-command default-pid-file-timeout read-pid-file @@ -883,19 +884,8 @@ false." ;; Signals that the shepherd process handles. (list SIGCHLD SIGINT SIGHUP SIGTERM)) -(define* (fork+exec-command command - #:key - (user #f) - (group #f) - (supplementary-groups '()) - (log-file #f) - (directory (default-service-directory)) - (file-creation-mask #f) - (create-session? #t) - (environment-variables - (default-environment-variables))) - "Spawn a process that executed COMMAND as per 'exec-command', and return -its PID." +(define* (fork-and-call thunk) + "Call THUNK in a fork." ;; Install the SIGCHLD handler if this is the first fork+exec-command call. (unless %sigchld-handler-installed? (sigaction SIGCHLD handle-SIGCHLD SA_NOCLDSTOP) @@ -916,17 +906,34 @@ its PID." ;; process. (unblock-signals %precious-signals) - (exec-command command - #:user user - #:group group - #:supplementary-groups supplementary-groups - #:log-file log-file - #:directory directory - #:file-creation-mask file-creation-mask - #:create-session? create-session? - #:environment-variables environment-variables)) + (thunk)) pid)))) +(define* (fork+exec-command command + #:key + (user #f) + (group #f) + (supplementary-groups '()) + (log-file #f) + (directory (default-service-directory)) + (file-creation-mask #f) + (create-session? #t) + (environment-variables + (default-environment-variables))) + "Spawn a process that executed COMMAND as per 'exec-command', and return +its PID." + (fork-and-call + (lambda () + (exec-command command + #:user user + #:group group + #:supplementary-groups supplementary-groups + #:log-file log-file + #:directory directory + #:file-creation-mask file-creation-mask + #:create-session? create-session? + #:environment-variables environment-variables)))) + (define* (make-forkexec-constructor command #:key (user #f) -- 2.34.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 01 02:30:09 2022 Received: (at 54205) by debbugs.gnu.org; 1 Mar 2022 07:30:10 +0000 Received: from localhost ([127.0.0.1]:35318 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nOwxV-0007Yr-Jc for submit@debbugs.gnu.org; Tue, 01 Mar 2022 02:30:09 -0500 Received: from mail-ed1-f42.google.com ([209.85.208.42]:40534) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nOwxU-0007XY-9y for 54205@debbugs.gnu.org; Tue, 01 Mar 2022 02:30:08 -0500 Received: by mail-ed1-f42.google.com with SMTP id h15so20765853edv.7 for <54205@debbugs.gnu.org>; Mon, 28 Feb 2022 23:30:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=rV9DdXdn3FaNRdf4hfVycvLSqQGs7HbPBXnQtkJakPM=; b=kZQYMb6NQb/Yzh8jakf9E8jeXVCS+4+8zxByPlv1FguXQTn0uZVpAOh7wiJhjOUexS f/6hsFCcGpa8yTX8VsygycWLAixtrnUGEE8HAuYxkVAdesx8B+SOSWrzMQghiUMJYpAO dVjqh2Zokc4oxBocZKvDzEveUmAvOt2vyPH3JgiqYD1LjpNtprzObC6qnwQNWS6IWzhy qDPL+zpc8+IPavTnSnwDs9tNDbEx/alMesuds9sifBZafk5sby9Whgi81FZj29oOD194 UxfPBPS/E7CQ6jwOndbacGDfGLVHPwWkv9XeZ+HEnat3Saj3q5ugaW1VQXk9MceL8qN8 y0iQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; bh=rV9DdXdn3FaNRdf4hfVycvLSqQGs7HbPBXnQtkJakPM=; b=s9LPWezaz+smQj/tBVSUu0WglLHdZ+ow+Coiy0O4MXJGtYEWjCzDmfikVHufLwhc+Z wetAfA1NEfHxVT0eDEK2Oil2nvhE6wG/MH6IstolIuEFonnv/Z9PHKVEVL6RVgM3BNzC Qx6D/j3t351aqeE2GPQTKqz7vMfZkcqezm5Ac7QSLvaEyqX7GwcgiTWQ/q4iZTax1KlH MVuS5VqV0XXs/ejczPKZt4U8d+TXrnTvC2oL9zxM59pnVI66rlBtqIkRiBO2ekCOqXQS lg+LMLE11jCCUnBgrFGPaHfYYn4WDpEew0UKu+OekvbeGWoKUrMumLfePZ+bSmUoz4dH z6pA== X-Gm-Message-State: AOAM532QCRJF7nk5jf0Bz1S2C8+/g/gfjp2NTjk+0LHkZcY9QGDp8b/2 xknQztun9AXCMNesnZEFanTGUum9mvU= X-Google-Smtp-Source: ABdhPJy+1vHrlYYAcfw6Vvv4tsWC9LWEGgwRo1Q49cuyqK1lFeW4bT6xUw7bbU6G1Dv7dvCWgnyE+Q== X-Received: by 2002:a05:6402:27cb:b0:412:124:e0db with SMTP id c11-20020a05640227cb00b004120124e0dbmr23219006ede.72.1646119802252; Mon, 28 Feb 2022 23:30:02 -0800 (PST) Received: from lelap.local (catv-89-132-245-188.catv.fixed.vodafone.hu. [89.132.245.188]) by smtp.gmail.com with ESMTPSA id w2-20020a50d982000000b00410dc0889b9sm6879612edj.63.2022.02.28.23.30.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 28 Feb 2022 23:30:01 -0800 (PST) From: Attila Lendvai To: 54205@debbugs.gnu.org Subject: [PATCH v2] Factor out a public FORK-AND-CALL. Date: Tue, 1 Mar 2022 08:29:27 +0100 Message-Id: <20220301072927.26525-1-attila@lendvai.name> X-Mailer: git-send-email 2.34.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.5 (/) X-Debbugs-Envelope-To: 54205 Cc: Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.5 (/) This enables service implementations to easily inject code that is run before their service is started. One such example is calling setrlimit from a start action to set NOFILE (the open files limit), before the service is exec'ed and inherits this value from the parent process, i.e. from Shepherd. * modules/shepherd/service.scm (fork-and-call): New function. (fork+exec-command): Use the above. --- v2: fixes the commit message. modules/shepherd/service.scm | 51 ++++++++++++++++++++---------------- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/modules/shepherd/service.scm b/modules/shepherd/service.scm index ad8608b..8d5e30f 100644 --- a/modules/shepherd/service.scm +++ b/modules/shepherd/service.scm @@ -79,6 +79,7 @@ make-forkexec-constructor make-kill-destructor exec-command + fork-and-call fork+exec-command default-pid-file-timeout read-pid-file @@ -883,19 +884,8 @@ false." ;; Signals that the shepherd process handles. (list SIGCHLD SIGINT SIGHUP SIGTERM)) -(define* (fork+exec-command command - #:key - (user #f) - (group #f) - (supplementary-groups '()) - (log-file #f) - (directory (default-service-directory)) - (file-creation-mask #f) - (create-session? #t) - (environment-variables - (default-environment-variables))) - "Spawn a process that executed COMMAND as per 'exec-command', and return -its PID." +(define* (fork-and-call thunk) + "Call THUNK in a fork." ;; Install the SIGCHLD handler if this is the first fork+exec-command call. (unless %sigchld-handler-installed? (sigaction SIGCHLD handle-SIGCHLD SA_NOCLDSTOP) @@ -916,17 +906,34 @@ its PID." ;; process. (unblock-signals %precious-signals) - (exec-command command - #:user user - #:group group - #:supplementary-groups supplementary-groups - #:log-file log-file - #:directory directory - #:file-creation-mask file-creation-mask - #:create-session? create-session? - #:environment-variables environment-variables)) + (thunk)) pid)))) +(define* (fork+exec-command command + #:key + (user #f) + (group #f) + (supplementary-groups '()) + (log-file #f) + (directory (default-service-directory)) + (file-creation-mask #f) + (create-session? #t) + (environment-variables + (default-environment-variables))) + "Spawn a process that executed COMMAND as per 'exec-command', and return +its PID." + (fork-and-call + (lambda () + (exec-command command + #:user user + #:group group + #:supplementary-groups supplementary-groups + #:log-file log-file + #:directory directory + #:file-creation-mask file-creation-mask + #:create-session? create-session? + #:environment-variables environment-variables)))) + (define* (make-forkexec-constructor command #:key (user #f) -- 2.34.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 01 07:02:00 2022 Received: (at 54205) by debbugs.gnu.org; 1 Mar 2022 12:02:00 +0000 Received: from localhost ([127.0.0.1]:35733 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP1CZ-0006MI-UN for submit@debbugs.gnu.org; Tue, 01 Mar 2022 07:02:00 -0500 Received: from mailrelay.tugraz.at ([129.27.2.202]:30065) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP1CW-0006M8-UD for 54205@debbugs.gnu.org; Tue, 01 Mar 2022 07:01:58 -0500 Received: from lprikler-laptop.ist.intra (gw.ist.tugraz.at [129.27.202.101]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4K7G7h743Kz1LZWn; Tue, 1 Mar 2022 13:01:52 +0100 (CET) DKIM-Filter: OpenDKIM Filter v2.11.0 mailrelay.tugraz.at 4K7G7h743Kz1LZWn DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1646136113; bh=Z6AN3XJLM1vnvfiVNHrsns/EaKVXFrPOtZLNf5Jt/NE=; h=Subject:From:To:Date:In-Reply-To:References:From; b=ay8b5irE4B/KWZuNIah5FcUTO/POGAeL+Je8Kv58QkDY2WlInXt4T5RFoeUa9PrKS vvqRSPxBFQ8sutC+OFI+t++XwL6aOdRmtwJmWZXa7Ne/8v/Zgtp5gdadZrRjFoBqmg saV/iIJnHgpqoO8BiNKovcx/xuFNRiwmAol3oVU0= Message-ID: Subject: Re: [PATCH v2] Factor out a public FORK-AND-CALL. From: Liliana Marie Prikler To: Attila Lendvai , 54205@debbugs.gnu.org Date: Tue, 01 Mar 2022 13:01:52 +0100 In-Reply-To: <20220301072927.26525-1-attila@lendvai.name> References: <20220301072927.26525-1-attila@lendvai.name> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.42.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUG-Backscatter-control: waObeELIUl4ypBWmcn/8wQ X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.117 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 54205 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Am Dienstag, dem 01.03.2022 um 08:29 +0100 schrieb Attila Lendvai: > This enables service implementations to easily inject code that is > run before their service is started.  One such example is calling > setrlimit from a start action to set NOFILE (the open files limit), > before the service is exec'ed and inherits this value from the parent > process, i.e. from Shepherd. In general, I think such capabilities should be added to exec-command, rather than resorting to a lambda. It takes a little while to realize that call-in-fork, fork-and-call or whatever you want to name it is in fact not pure evil; mainly because shepherd could in its stead already invoke any lambda you throw at it. That being said, one should always be aware that this child process runs with the full permissions of shepherd, which you normally don't want to do for a service. > [...] > +(define* (fork-and-call thunk) > +  "Call THUNK in a fork." >    ;; Install the SIGCHLD handler if this is the first fork+exec- > command call. This docstring, as well as the procedure name only describe what is done with thunk in the crudest terms. What's more, I don't think it makes too much sense to restrict ourselves to thunks if we already run arbitrary code anyway. In my opinion, it ought to be > +(define* (fork+apply proc . args) > + "Spawn a process that calls PROC with ARGS and return its PID." >    (unless %sigchld-handler-installed? >      (sigaction SIGCHLD handle-SIGCHLD SA_NOCLDSTOP) > @@ -916,17 +906,34 @@ its PID." >              ;; process. >              (unblock-signals %precious-signals) >   > -            (exec-command command > -                          #:user user > -                          #:group group > -                          #:supplementary-groups supplementary- > groups > -                          #:log-file log-file > -                          #:directory directory > -                          #:file-creation-mask file-creation-mask > -                          #:create-session? create-session? > -                          #:environment-variables environment- > variables)) > +            (apply proc args)) >            pid)))) WDYT?   > +(define* (fork+exec-command command > +                            #:key > +                            (user #f) > +                            (group #f) > +                            (supplementary-groups '()) > +                            (log-file #f) > +                            (directory (default-service-directory)) > +                            (file-creation-mask #f) > +                            (create-session? #t) > +                            (environment-variables > +                             (default-environment-variables))) > +  "Spawn a process that executed COMMAND as per 'exec-command', and > return > +its PID." This is just copypasta from a previous mistake, but s/executed/executes/. Cheers From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 01 07:47:18 2022 Received: (at 54205) by debbugs.gnu.org; 1 Mar 2022 12:47:18 +0000 Received: from localhost ([127.0.0.1]:35796 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP1uQ-0001DB-4n for submit@debbugs.gnu.org; Tue, 01 Mar 2022 07:47:18 -0500 Received: from laurent.telenet-ops.be ([195.130.137.89]:48762) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP1uN-0001Cy-PL for 54205@debbugs.gnu.org; Tue, 01 Mar 2022 07:47:16 -0500 Received: from ptr-bvsjgyhxw7psv60dyze.18120a2.ip6.access.telenet.be ([IPv6:2a02:1811:8c09:9d00:3c5f:2eff:feb0:ba5a]) by laurent.telenet-ops.be with bizsmtp id 10nE270044UW6Th010nEQK; Tue, 01 Mar 2022 13:47:14 +0100 Message-ID: Subject: Re: [bug#54205] [PATCH Shepherd] Factor out a public CALL-IN-FORK. From: Maxime Devos To: Attila Lendvai , 54205@debbugs.gnu.org Date: Tue, 01 Mar 2022 13:47:09 +0100 In-Reply-To: <20220301070615.21028-1-attila@lendvai.name> References: <20220301070615.21028-1-attila@lendvai.name> Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-Ee8t70XAX0uk4RrkMNAx" User-Agent: Evolution 3.38.3-1 MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22; t=1646138834; bh=HoV6AKKiFl6eZj2+BkWLR6yM5XIFmj7zJBr1cGvoGXQ=; h=Subject:From:To:Date:In-Reply-To:References; b=GK8ygVPpMNWlGhsUdPGc3My/qzsYTEjHreTnzylyBbo4hGr++PBfvbY4PSbXcF5m2 /vQXyIX7TJoplxRJn3AxsCRgdQP59PyZlz84hb9ddkCENxDcPI07NO9/7OaSY9jy/7 BhSD+d9YvNgK50C6TB0apkV9NW730FO/RqUuKme7CsseMwrW7HZfUwpRMi41norurA Xq+sk7EFdjJjwX0TcqSRDGxr7/SBML3RNJygdrvxOBRbhPdaEUeLrRGkARVpF0E33r CsTmnLWIWckMZzMxBRuwziqtI0DBFeqlQTdIIyS1wT8gLO3CDh5xcf+XKmEQber/6n xwH6M5WFlRCVQ== X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 54205 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-Ee8t70XAX0uk4RrkMNAx Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Attila Lendvai schreef op di 01-03-2022 om 08:06 [+0100]: > their service is started.=C2=A0 One such example is calling setrlimit fro= m a start > action to set NOFILE (the open files limit), before the service is exec'e= d and > thus inherits this value from the parent process, i.e. from Shepherd. 'fork+exec-command' already accepts a 'environment-variables' and 'file-creation-mask', how about adding an 'open-file-limit' argument? To me, that seems more declarative and less fragile than having to call 'call-in-fork' manually in a 'start' procedure (*). Support for other rlimits can be added on an as-needed basis. Alternatively, the argument could be generalised to a more general 'rlimit' argument: #:rlimits `((,RLIMIT_AS ,SOFT ,HARD) (,RLIMIT_NPROC ,SOFT ,HARD) (,RLIMIT_NOFILE ,SOFT ,HARD)) WDYT? Greetings, Maxime. (*) E.g., one of the ideas for making shepherd faster, was using some kind of multi-threading. Forking when multi-threading is ill-defined (see POSIX) though, so some kind of zygote process + IPC might be necessary (http://neugierig.org/software/chromium/notes/2011/08/zygote.html has a nice explanation on zygote processes, the bits about software updates can be ignored here). --=-Ee8t70XAX0uk4RrkMNAx Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iI0EABYKADUWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYh4VzRccbWF4aW1lZGV2 b3NAdGVsZW5ldC5iZQAKCRBJ4+4iGRcl7k8SAP4gZaaQE/hNFfzGvxdqI+eKxCqc jXMNaJTOYqkDqloFzwEAo7Eqqzbabm3nzRrq7tfYfRuU63LWiq+0/EBDo5rP4wM= =jRlT -----END PGP SIGNATURE----- --=-Ee8t70XAX0uk4RrkMNAx-- From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 01 08:04:52 2022 Received: (at 54205) by debbugs.gnu.org; 1 Mar 2022 13:04:52 +0000 Received: from localhost ([127.0.0.1]:35841 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP2BQ-0001hj-Fv for submit@debbugs.gnu.org; Tue, 01 Mar 2022 08:04:52 -0500 Received: from mail-4022.proton.ch ([185.70.40.22]:41133) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP2BO-0001hU-9V for 54205@debbugs.gnu.org; Tue, 01 Mar 2022 08:04:51 -0500 Date: Tue, 01 Mar 2022 13:04:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lendvai.name; s=protonmail3; t=1646139881; bh=Tu5CROJJJw2vnjTwL8skTYxkc7BCk9MDP92jYn3Qj7A=; h=Date:To:From:Cc:Reply-To:Subject:Message-ID:In-Reply-To: References:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID; b=ONBLaHfECFtQs7N3SPf8652/Zg17tuB4NJ4fF3CimCJ4QVn+9TkBJw5Of6uvZLy0e CJ735eqep2PNRLozr4rWRDS0ShQyLqx5qnfJflg7SDuYWk7MBgO4cH4U8/hPIPRbjq QdQuBVlxGdKjm/oH41L35hWYqbeMiPrXybj6KvQ3AP3WmlDuitAqwXdQx55Y8ZiSLC Oh2PBDpVnVnS2UoSz4T2Lt/8rA85dZ8sVnSXIPH27P9TLCEiuBLdm5knDJoqf489lu dIuaCRCxEGwVyBzV9ZbkzE109yvVZ4rlBULphD9ffZVCAEu7chDnKzpXXm9TlqdI+f /dbRxKLP8iK7Q== To: Liliana Marie Prikler From: Attila Lendvai Subject: Re: [PATCH v2] Factor out a public FORK-AND-CALL. Message-ID: In-Reply-To: References: <20220301072927.26525-1-attila@lendvai.name> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 54205 Cc: 54205@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Attila Lendvai Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) > In general, I think such capabilities should be added to exec-command, > rather than resorting to a lambda. It takes a little while to realize > that call-in-fork, fork-and-call or whatever you want to name it is in > fact not pure evil; mainly because shepherd could in its stead already > invoke any lambda you throw at it. That being said, one should always > be aware that this child process runs with the full permissions of > shepherd, which you normally don't want to do for a service. does the above mean that you're concerned about the security implications? = if so, then i don't understand, because Guile already allows calling/accessing private functions/symbols, and thus this change doesn't really increase the (already enormous) attack surface in the guile codebase. it does increase the shoot-oneself-in-the-foot-surface a little bit, though= . it's worth pointing out, though, that trusting a channel, and adding a shep= herd service defined by it to the machine's config, is essentially giving root a= ccess to the channel author. and this is already the case, prior to my change. BTW, can i not already simply pass 0, or "root" as #:user to EXEC-COMMAND? > In my opinion, it ought to be > > > +(define* (fork+apply proc . args) > [...] > > WDYT? makes sense, i'll update the patch... but given the feedback from the two o= f you, should i? i think i'll abandon this, and implement Maxime's #:rlimits suggestion. i'm not sure how much better that will be, but at least it won't make futur= e threading harder, and allows me to make progress with my project. if anyone prefers the FORK+APPLY version, then do speak up! -- =E2=80=A2 attila lendvai =E2=80=A2 PGP: 963F 5D5F 45C7 DFCD 0A39 -- =E2=80=9CAn atheist doesn't have to be someone who thinks he has a proof th= at there can't be a god. He only has to be someone who believes that the ev= idence on the God question is at a similar level to the evidence on the wer= ewolf question.=E2=80=9D =09=E2=80=94 John McCarthy (1927=E2=80=932011), father of Lisp From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 01 09:01:23 2022 Received: (at 54205) by debbugs.gnu.org; 1 Mar 2022 14:01:24 +0000 Received: from localhost ([127.0.0.1]:35896 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP347-00038L-Kb for submit@debbugs.gnu.org; Tue, 01 Mar 2022 09:01:23 -0500 Received: from mailrelay.tugraz.at ([129.27.2.202]:16718) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP346-00038D-D6 for 54205@debbugs.gnu.org; Tue, 01 Mar 2022 09:01:23 -0500 Received: from lprikler-laptop.ist.intra (gw.ist.tugraz.at [129.27.202.101]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4K7JnW2Jb3z1LWpZ; Tue, 1 Mar 2022 15:01:19 +0100 (CET) DKIM-Filter: OpenDKIM Filter v2.11.0 mailrelay.tugraz.at 4K7JnW2Jb3z1LWpZ DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1646143279; bh=l1uGHvUzUUbOqx04tjAAg3yxzMWTrX8jwCZqN7LxEDI=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=nMhfkjzu2cLJ6Lhvyxh1MHKnVKfvzjKK4BGbeW8HhQR12Y3D2vEcO2H21v0wQiYpV GjTP5V9ZTgDjbPNJgSlycYUW5X8GloabdZMgcA7h8qsAiZUsERZjd1hcW+/8r6murE om7nbnqd2CXqs/3daJnMMqMSDQKBySIog4NjX4io= Message-ID: <240241970295ff5351378c915461eea180cc79d5.camel@ist.tugraz.at> Subject: Re: [PATCH v2] Factor out a public FORK-AND-CALL. From: Liliana Marie Prikler To: Attila Lendvai Date: Tue, 01 Mar 2022 15:01:18 +0100 In-Reply-To: References: <20220301072927.26525-1-attila@lendvai.name> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.42.1 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-TUG-Backscatter-control: waObeELIUl4ypBWmcn/8wQ X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 54205 Cc: 54205@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Am Dienstag, dem 01.03.2022 um 13:04 +0000 schrieb Attila Lendvai: > > In general, I think such capabilities should be added to exec- > > command, rather than resorting to a lambda. It takes a little while > > to realize that call-in-fork, fork-and-call or whatever you want to > > name it is in fact not pure evil; mainly because shepherd could in > > its stead already invoke any lambda you throw at it. That being > > said, one should always be aware that this child process runs with > > the full permissions of shepherd, which you normally don't want to > > do for a service. > > > does the above mean that you're concerned about the security > implications? if so, then i don't understand, because Guile already > allows calling/accessing private functions/symbols, and thus this > change doesn't really increase the (already enormous) attack surface > in the guile codebase. This attack surface is less enormous if you consider the average case of a shepherd service in which the arguments to fork+exec-command are already evaluated by the time the procedure is call and thus both "sane" within and without the fork. Most of the time people are not too conscious about the fact that shepherd can already run arbitrary Guile code as part of actions and you typically only use that to its fullest extent when you're trying to do something real clever. > it does increase the shoot-oneself-in-the-foot-surface a little bit, > though. > > it's worth pointing out, though, that trusting a channel, and adding > a shepherd service defined by it to the machine's config, is > essentially giving root access to the channel author. and this is > already the case, prior to my change. > > BTW, can i not already simply pass 0, or "root" as #:user to EXEC- > COMMAND? Only if you're already root, i.e. this won't work for user shepherds, which can't become root (easily). On the other hand, I did get my user shepherd to launch pkexec commands, so that's that. > > > In my opinion, it ought to be > > > > > +(define* (fork+apply proc . args) > > [...] > > > > WDYT? > > makes sense, i'll update the patch... but given the feedback from the > two of you, should i? > > i think i'll abandon this, and implement Maxime's #:rlimits > suggestion. > > i'm not sure how much better that will be, but at least it won't make > future threading harder, and allows me to make progress with my > project. > > if anyone prefers the FORK+APPLY version, then do speak up! FWIW Maxime's complaint would also hold w.r.t. fork+exec-command, which would then be implemented in terms of fork+apply, so assuming that fork+exec-command still exists after the switch to multiple threads, we'd have to patch at least one location either way. fork+apply could make it so that less hacks are required overall to make all forking behaviour inside shepherd services as intended, but that's so far only a theoretical claim with no evidence to back it up. I think the real question is what you are trying to achieve here. If you only want to add rlimits, that's an exec-command thing. If you instead wanted to spawn a Guile function within a sandbox (rather than a completely new command), that would require something along the lines of fork+apply at least under the hood. With the things you've described, I don't think it makes sense (yet) to export fork+apply, but it might still make sense to refactor fork+exec-command under the hood. Cheers From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 01 12:16:43 2022 Received: (at 54205) by debbugs.gnu.org; 1 Mar 2022 17:16:43 +0000 Received: from localhost ([127.0.0.1]:38117 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP679-0002ir-0U for submit@debbugs.gnu.org; Tue, 01 Mar 2022 12:16:43 -0500 Received: from dustycloud.org ([50.116.34.160]:39850) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nP677-0002ij-1i for 54205@debbugs.gnu.org; Tue, 01 Mar 2022 12:16:41 -0500 Received: from chicory (localhost [127.0.0.1]) by dustycloud.org (Postfix) with ESMTPS id 52EAA26617; Tue, 1 Mar 2022 12:16:40 -0500 (EST) References: <20220301072927.26525-1-attila@lendvai.name> <240241970295ff5351378c915461eea180cc79d5.camel@ist.tugraz.at> User-agent: mu4e 1.6.10; emacs 27.2 From: Christine Lemmer-Webber To: Liliana Marie Prikler Subject: Re: [bug#54205] [PATCH v2] Factor out a public FORK-AND-CALL. Date: Tue, 01 Mar 2022 12:14:55 -0500 In-reply-to: <240241970295ff5351378c915461eea180cc79d5.camel@ist.tugraz.at> Message-ID: <87y21tk2yw.fsf@dustycloud.org> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 54205 Cc: 54205@debbugs.gnu.org, Attila Lendvai , guix-patches@gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Liliana Marie Prikler writes: > Am Dienstag, dem 01.03.2022 um 13:04 +0000 schrieb Attila Lendvai: >> > In general, I think such capabilities should be added to exec- >> > command, rather than resorting to a lambda. It takes a little while >> > to realize that call-in-fork, fork-and-call or whatever you want to >> > name it is in fact not pure evil; mainly because shepherd could in >> > its stead already invoke any lambda you throw at it. That being >> > said, one should always be aware that this child process runs with >> > the full permissions of shepherd, which you normally don't want to >> > do for a service. >> >> >> does the above mean that you're concerned about the security >> implications? if so, then i don't understand, because Guile already >> allows calling/accessing private functions/symbols, and thus this >> change doesn't really increase the (already enormous) attack surface >> in the guile codebase. > This attack surface is less enormous if you consider the average case > of a shepherd service in which the arguments to fork+exec-command are > already evaluated by the time the procedure is call and thus both > "sane" within and without the fork. Most of the time people are not > too conscious about the fact that shepherd can already run arbitrary > Guile code as part of actions and you typically only use that to its > fullest extent when you're trying to do something real clever. In general this would be improved if we move Guix in general, and the Shepherd services in particular, to an object capability based security model. It's on my TODO to lay out a sketch for how this could happen, assuming there's support for it in the community (which I don't expect to go one way or another until a plan is laid out to talk about). From debbugs-submit-bounces@debbugs.gnu.org Wed Mar 02 11:05:37 2022 Received: (at 54205) by debbugs.gnu.org; 2 Mar 2022 16:05:37 +0000 Received: from localhost ([127.0.0.1]:40588 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nPRTt-0006sw-1l for submit@debbugs.gnu.org; Wed, 02 Mar 2022 11:05:37 -0500 Received: from hera.aquilenet.fr ([185.233.100.1]:36716) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nPRTr-0006si-1s for 54205@debbugs.gnu.org; Wed, 02 Mar 2022 11:05:35 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 762E9801; Wed, 2 Mar 2022 17:05:28 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mxuPtlAx83p7; Wed, 2 Mar 2022 17:05:27 +0100 (CET) Received: from ribbon (91-160-117-201.subs.proxad.net [91.160.117.201]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 1A8E1D2; Wed, 2 Mar 2022 17:05:27 +0100 (CET) From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Maxime Devos Subject: Re: bug#54205: [PATCH Shepherd] Factor out a public CALL-IN-FORK. References: <20220301070615.21028-1-attila@lendvai.name> Date: Wed, 02 Mar 2022 17:05:26 +0100 In-Reply-To: (Maxime Devos's message of "Tue, 01 Mar 2022 13:47:09 +0100") Message-ID: <87lexs1gs9.fsf_-_@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spamd-Bar: / Authentication-Results: hera.aquilenet.fr; none X-Rspamd-Server: hera X-Rspamd-Queue-Id: 762E9801 X-Spamd-Result: default: False [-0.10 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[] X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: 54205 Cc: 54205@debbugs.gnu.org, Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) Hi, Maxime Devos skribis: > Attila Lendvai schreef op di 01-03-2022 om 08:06 [+0100]: >> their service is started.=C2=A0 One such example is calling setrlimit fr= om a start >> action to set NOFILE (the open files limit), before the service is exec'= ed and >> thus inherits this value from the parent process, i.e. from Shepherd. > > 'fork+exec-command' already accepts a 'environment-variables' and > 'file-creation-mask', how about adding an 'open-file-limit' argument? > To me, that seems more declarative and less fragile than having > to call 'call-in-fork' manually in a 'start' procedure (*). Seconded. > Support for other rlimits can be added on an as-needed basis. > Alternatively, the argument could be generalised to a more general > 'rlimit' argument: > > #:rlimits > `((,RLIMIT_AS ,SOFT ,HARD) > (,RLIMIT_NPROC ,SOFT ,HARD) > (,RLIMIT_NOFILE ,SOFT ,HARD)) > > WDYT? This interface brings more flexibility, I=E2=80=99m all for it. > (*) E.g., one of the ideas for making shepherd faster, was using some > kind of multi-threading. Forking when multi-threading is ill-defined I think what we need is concurrency, not POSIX threads. IOW, we can achieve the concurrency we need without resorting to POSIX threads, for example using Fibers on a single POSIX thread. Thanks, Ludo=E2=80=99. From debbugs-submit-bounces@debbugs.gnu.org Wed Mar 02 13:21:22 2022 Received: (at 54205) by debbugs.gnu.org; 2 Mar 2022 18:21:22 +0000 Received: from localhost ([127.0.0.1]:40714 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nPTbG-0001wV-Jg for submit@debbugs.gnu.org; Wed, 02 Mar 2022 13:21:22 -0500 Received: from baptiste.telenet-ops.be ([195.130.132.51]:46052) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nPTbF-0001wL-6A for 54205@debbugs.gnu.org; Wed, 02 Mar 2022 13:21:22 -0500 Received: from ptr-bvsjgyhxw7psv60dyze.18120a2.ip6.access.telenet.be ([IPv6:2a02:1811:8c09:9d00:3c5f:2eff:feb0:ba5a]) by baptiste.telenet-ops.be with bizsmtp id 1WMK270064UW6Th01WMK5a; Wed, 02 Mar 2022 19:21:19 +0100 Message-ID: Subject: Re: bug#54205: [PATCH Shepherd] Factor out a public CALL-IN-FORK. From: Maxime Devos To: Ludovic =?ISO-8859-1?Q?Court=E8s?= Date: Wed, 02 Mar 2022 19:21:14 +0100 In-Reply-To: <87lexs1gs9.fsf_-_@gnu.org> References: <20220301070615.21028-1-attila@lendvai.name> <87lexs1gs9.fsf_-_@gnu.org> Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-d37Z+jk2Klojp1UNGtIa" User-Agent: Evolution 3.38.3-1 MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22; t=1646245279; bh=0JQJxQJUulFRZapHcY4cwNhf9mqusXrZbp9c8+GevNs=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=XB8L/JeYVx4Wxny6kfzA9s2lgk6oXZoQzKeZEgDYS7CGM3BJfJpJPGwEkv7DjSJ+6 PvLMfbir5aozzugXthWndVYNMe7QSNXKV1vgxisQfmhwO5WyW5nKZjy+07d8iZiZNe AWIfQ9qbUWtTKf4mXig860u0vspotWIpLaM0aW2DDV06v08dfSTyVvpW2Z1XHJSw6o 1bzkf7KcuzrzzL5mSCZB52gHbSEDTAcvRApYHVLW+G6UHLvI0iULaiiE0YUdY14kAa 7+KUG/T8EIiAVIr3yQppYH1sqc2MH2DQfAxSwoA6jn/GHOJ2U1T15bcrliuf43ftaO YtLRMcFy100LA== X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 54205 Cc: 54205@debbugs.gnu.org, Attila Lendvai X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --=-d37Z+jk2Klojp1UNGtIa Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Ludovic Court=C3=A8s schreef op wo 02-03-2022 om 17:05 [+0100]: > I think what we need is concurrency, not POSIX threads.=C2=A0 IOW, we can > achieve the concurrency we need without resorting to POSIX threads, for > example using Fibers on a single POSIX thread. guile-fibers uses threads internally, e.g. in (fibers interrupts). Interrupts can theoretically be avoided, but that has a downside that if a start procedure goes into infinite loop (while forgetting to sleep), the whole shepherd would hang. I'm not saying that we need POSIX threads per-se -- I find 'choice-operation', 'perform-operation', the channel operations and Fibers conditions much more convenient than the (lack of) POSIX equivalents, but I'd prefer avoiding the assumption of single-threading where feasible, to make it ourselves not harder than necessary in the future, in case it turns out we need POSIX threading somewhere (even if only as an implementation detail). Greetings, Maxime. --=-d37Z+jk2Klojp1UNGtIa Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iI0EABYKADUWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYh+1mhccbWF4aW1lZGV2 b3NAdGVsZW5ldC5iZQAKCRBJ4+4iGRcl7gmQAQD4VnFmox1iVeL7BooUkGDLkxus jAqzpyn4eRhC25N30AEAn/ljEQuxDDlnauqTSLJUrUu+i3W7Q90JqxSZhYzNjAk= =WTNF -----END PGP SIGNATURE----- --=-d37Z+jk2Klojp1UNGtIa-- From debbugs-submit-bounces@debbugs.gnu.org Thu Mar 03 03:05:06 2022 Received: (at 54205) by debbugs.gnu.org; 3 Mar 2022 08:05:06 +0000 Received: from localhost ([127.0.0.1]:41368 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nPgSQ-0007sm-JC for submit@debbugs.gnu.org; Thu, 03 Mar 2022 03:05:06 -0500 Received: from mail-4317.proton.ch ([185.70.43.17]:53169) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nPgSO-0007s6-4o for 54205@debbugs.gnu.org; Thu, 03 Mar 2022 03:05:04 -0500 Date: Thu, 03 Mar 2022 08:04:53 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lendvai.name; s=protonmail3; t=1646294697; bh=cZIVownahb7lNaIPN/wV0dgpQE/U6qCUhJNp6+TMHI4=; h=Date:To:From:Cc:Reply-To:Subject:Message-ID:In-Reply-To: References:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID; b=iYEPCa9bWB65mHq3ZGN5myDRycsGYJtzpzU4AoMONtZ2UluygVpRow2l4CPr41PQl 68vQ8UX+0Yhchu7OPHgOhG02NvKkCWwww37irHoOmBboPkpc+VvVWm8nK0OxwhJZES ubN1xhX9UUWQm5+1a7I0wW1xdvHhmEFYGNIkjAieYFefCMHNR90qJj7+nFKWlmJo8U Gmnd8BWDXvmWI+t0YPOjaSxY8Ch9s9HjsrYKAUu7IIGXQheGMKeEqZ/Qg4tXkxEXmf JGmuuYfQtTAFN/55MQDXYY1vz1slcTJjubwTOBm95HHtUe2bXf4eTXaE9DB0CoLBD3 TgoyLUc2l63Dw== To: =?utf-8?Q?Ludovic_Court=C3=A8s?= From: Attila Lendvai Subject: Re: bug#54205: [PATCH Shepherd] Factor out a public CALL-IN-FORK. Message-ID: In-Reply-To: <87lexs1gs9.fsf_-_@gnu.org> References: <20220301070615.21028-1-attila@lendvai.name> <87lexs1gs9.fsf_-_@gnu.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 54205 Cc: 54205@debbugs.gnu.org, Maxime Devos X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Attila Lendvai Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) > > Support for other rlimits can be added on an as-needed basis. > > > > Alternatively, the argument could be generalised to a more general > > 'rlimit' argument: > > > > #:rlimits > > `((,RLIMIT_AS ,SOFT ,HARD) > > (,RLIMIT_NPROC ,SOFT ,HARD) > > (,RLIMIT_NOFILE ,SOFT ,HARD)) > > > > WDYT? > > This interface brings more flexibility, I=E2=80=99m all for it. FTR, i've filed this as a patch (with a test!). https://issues.guix.gnu.org/54215 -- =E2=80=A2 attila lendvai =E2=80=A2 PGP: 963F 5D5F 45C7 DFCD 0A39 -- =E2=80=9CIt is a miracle that curiosity survives formal education. It is a = very grave mistake to think that the enjoyment of seeing and searching can = be promoted by means of coercion and a sense of duty.=E2=80=9D =09=E2=80=94 Albert Einstein (1879=E2=80=931955), 'Autobiographical Notes' = (1949), slightly paraphrased From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 21 09:03:28 2022 Received: (at control) by debbugs.gnu.org; 21 Mar 2022 13:03:28 +0000 Received: from localhost ([127.0.0.1]:36123 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nWHh2-00007U-3h for submit@debbugs.gnu.org; Mon, 21 Mar 2022 09:03:28 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52800) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nWHh1-00007I-A0 for control@debbugs.gnu.org; Mon, 21 Mar 2022 09:03:27 -0400 Received: from [2001:470:142:3::e] (port=41936 helo=fencepost.gnu.org) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nWHgw-0003jJ-30 for control@debbugs.gnu.org; Mon, 21 Mar 2022 09:03:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:Subject:From:To:Date:in-reply-to: references; bh=Z9x/sqG4ygsEZUHzwnbbAD4DI+hGa8k7ZGY1GtoDEn0=; b=JhQ7GgfzOvU5vC Vjd4bLd08qVIPWqSKLWQTn0WxPiuC/JArE9VmfuXU+P+35R7tqXDYeF5nzOIVJwzgKxI3LeTn1r7H /hl9bsDKHChPzTf2zZpBIO4KGd0j+yNnbH1l5rpf8U/KkJCZ85Pyd2lKewThRUpMbqmhA2FuJBejD uUZYtqSmQVnV9Cn3ECoOBd5/1tz5EkLOjQdmP+segydkDrwbixUy89Aw59xLP6PJjbj4xXgYyoPb3 rXhNjSnCmwvZ/J1xRCsj4vLIvx9mgZX0Q9r70GCjDSYhm4FICACwgz4E286EwcN+WpWNZppw3aObA RxO8/PrU04B4sZ3uL02w==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:51895 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nWHgv-0007x4-3n for control@debbugs.gnu.org; Mon, 21 Mar 2022 09:03:21 -0400 Date: Mon, 21 Mar 2022 14:03:19 +0100 Message-Id: <8735jblap4.fsf@gnu.org> To: control@debbugs.gnu.org From: =?utf-8?Q?Ludovic_Court=C3=A8s?= Subject: control message for bug #54205 MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) tags 54205 + wontfix quit From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 21 09:03:18 2022 Received: (at 54205-done) by debbugs.gnu.org; 21 Mar 2022 13:03:18 +0000 Received: from localhost ([127.0.0.1]:36119 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nWHgr-000075-TA for submit@debbugs.gnu.org; Mon, 21 Mar 2022 09:03:18 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52664) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nWHgp-00006r-Dh for 54205-done@debbugs.gnu.org; Mon, 21 Mar 2022 09:03:16 -0400 Received: from [2001:470:142:3::e] (port=41932 helo=fencepost.gnu.org) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nWHgj-0003hH-EY; Mon, 21 Mar 2022 09:03:09 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=HB3n2PD4va4lNmVHQGOqLLXPeh0eRU8aUAfdLACbpIE=; b=AwpUUHnZqDnXUjC86kM9 oks+qjfK+RgIVdfI5W0kmie+kByTcNtgBUYSQb1V7VHiJKsBphyY0QBi5C6tv9eMlmRWsS/AhEBrd ZzvZPd2/u+maQpcwuwRR6vJ/LpNkzkFiN/hRetu7RTNpsA955QwdLMg3HrKPTmcMweEk8bhd2SlYg 1VksSKq44fDP/DIi6mGu02POd0I24vgYIk31fDhgFG7oRDisLOmDTspSzuhiKAyg41tBSHRm3HXCT OdxjZtH+hx++Sl1074Wfebzk7X0JRALb7Vgp3ZWiiQjeI4XqhtPHrIgAsxy479PEmcUE34YaTHlJQ w58h71fM8zxuPg==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:54459 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nWHgj-0007f3-1b; Mon, 21 Mar 2022 09:03:09 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Attila Lendvai Subject: Re: bug#54205: [PATCH Shepherd] Factor out a public CALL-IN-FORK. References: <20220301070615.21028-1-attila@lendvai.name> <87lexs1gs9.fsf_-_@gnu.org> Date: Mon, 21 Mar 2022 14:03:06 +0100 In-Reply-To: (Attila Lendvai's message of "Thu, 03 Mar 2022 08:04:53 +0000") Message-ID: <874k3rlaph.fsf_-_@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 54205-done Cc: 54205-done@debbugs.gnu.org, Maxime Devos X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Attila Lendvai skribis: > FTR, i've filed this as a patch (with a test!). > > https://issues.guix.gnu.org/54215 Awesome, closing this one! Ludo=E2=80=99. From unknown Sat Sep 13 06:04:28 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Tue, 19 Apr 2022 11:24:04 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator