GNU bug report logs - #57016
[PATCH] scripts: Bail out when running pull/package commands as root.


Package: guix-patches;

Reported by: "(" <paren <at> disroot.org>

Date: Sat, 6 Aug 2022 11:43:01 UTC

Severity: normal

Tags: patch

Done: "(" <paren <at> disroot.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 57016 in the body.
You can then email your comments to 57016 AT debbugs.gnu.org in the normal way.



Report forwarded to guix-patches <at> gnu.org:
bug#57016; Package guix-patches. (Sat, 06 Aug 2022 11:43:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to "(" <paren <at> disroot.org>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Sat, 06 Aug 2022 11:43:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: "(" <paren <at> disroot.org>
To: guix-patches <at> gnu.org
Cc: "\(" <paren <at> disroot.org>
Subject: [PATCH] scripts: Bail out when running pull/package commands as root.
Date: Sat,  6 Aug 2022 12:41:53 +0100
* guix/scripts/package.scm (assert-not-root): New procedure.
(%options): Add `--allow-root`.
(guix-package*): Add `#:allow-root?` keyword argument. Bail out when
  Guix is being run as root if `allow-root?` is not #T and `--allow-root`
  has not been passed.
* guix/scripts/install.scm (%options): Add `--allow-root` here...
* guix/scripts/remove.scm (%options): ...here...
* guix/scripts/upgrade.scm (%options): ...and here.
* guix/scripts/search.scm (guix-search): Explicitly allow execution as
  root here...
* guix/scripts/show.scm (guix-show): ...and here.
* guix/scripts/pull.scm (%options): Add `--allow-root`.
(guix-pull): Bail out when Guix is being run as root if `--allow-root`
  has not been passed.

A pretty common beginner mistake, it seems, is assuming that since
every other package manager you've used requires root for installing,
removing, and upgrading packages, Guix must too.

This is an especially dangerous assumption when applied to `guix pull`,
since I seem to recall that running that command as root breaks the
installation. (I'm pretty sure I once made that mistake, and spent
ages trying to figure out why it was broken.)

This commit tries to make it harder to make such an assumption, by
making commands such as `pull`, `package`, and `upgrade` bail out
when run as root. This can be overridden with the new `--allow-root`
flag for those commands.
---
 guix/scripts/install.scm |  4 +++-
 guix/scripts/package.scm | 30 +++++++++++++++++++++++++++---
 guix/scripts/pull.scm    | 11 ++++++++++-
 guix/scripts/remove.scm  |  4 +++-
 guix/scripts/search.scm  |  3 ++-
 guix/scripts/show.scm    |  3 ++-
 guix/scripts/upgrade.scm |  4 +++-
 7 files changed, 50 insertions(+), 9 deletions(-)

diff --git a/guix/scripts/install.scm b/guix/scripts/install.scm
index 63e625f266..21873e69c4 100644
--- a/guix/scripts/install.scm
+++ b/guix/scripts/install.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -61,7 +62,8 @@ (define %options
          ;; Preserve some of the 'guix package' options.
          (append (filter (lambda (option)
                            (any (cut member <> (option-names option))
-                                '("profile" "dry-run" "verbosity" "bootstrap")))
+                                '("allow-root" "profile" "dry-run"
+                                  "verbosity" "bootstrap")))
                          %package-options)
 
                  %transformation-options
diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm
index 7d92598efa..5dba931216 100644
--- a/guix/scripts/package.scm
+++ b/guix/scripts/package.scm
@@ -12,6 +12,7 @@
 ;;; Copyright © 2018 Steve Sprang <scs <at> stevesprang.com>
 ;;; Copyright © 2022 Josselin Poiret <dev <at> jpoiret.xyz>
 ;;; Copyright © 2022 Antero Mejr <antero <at> mailbox.org>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -64,7 +65,9 @@ (define-module (guix scripts package)
   #:use-module (srfi srfi-37)
   #:use-module (gnu packages)
   #:autoload   (gnu packages bootstrap) (%bootstrap-guile)
-  #:export (build-and-use-profile
+  #:export (assert-not-root
+
+            build-and-use-profile
             delete-generations
             delete-matching-generations
             guix-package
@@ -82,6 +85,19 @@ (define-module (guix scripts package)
 (define %store
   (make-parameter #f))
 
+(define (assert-not-root override-flag)
+  "Throw an error if Guix was invoked by root.  This allows us to
+inform new users that it is usually a mistake to run commands such
+as `guix package' as root.  OVERRIDE-FLAG should be a flag that can
+be used with the invoked command to override this requirement."
+  (when (= (getuid) 0)
+    (leave (G_ "this command should not be run as root
+
+Note: Running this command as root will only affect the `root' user,
+not the entire system, due to Guix's support for per-user package
+management.  Use `~a' to continue regardless.~%")
+           override-flag)))
+
 
 ;;;
 ;;; Profiles.
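Review bot: `(when (= (getuid) 0)` in `assert-not-root` treats UID 0 itself as the fault, yet the message it prints says that running as root only affects the `root' user's own profile, so a root login managing its own profile is refused without a stated harm. The test also reads the real UID rather than the effective one. If the aim is to catch a profile being changed by the wrong user, compare `(geteuid)` with the owner of the target profile's directory and drop the override flag. Separately, the whole multi-paragraph text lives in one `G_` string; a short error plus a hint is easier to translate and matches other diagnostics.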
@@ -658,6 +674,10 @@ (define %options
                    (values (cons `(query show ,arg)
                                  result)
                            #f)))
+         (option '("allow-root") #f #f
+                 (lambda (opt name arg result arg-handler)
+                   (values (alist-cons 'allow-root? #t result)
+                           #f)))
 
          (append %transformation-options
                  %standard-build-options)))
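Review bot: `--allow-root` is added to `%options` here, but none of the seven files in the diffstat is the manual and no hunk touches a help text, so the only place a user learns of the flag is the error message. Add it to the `--help` output of `guix package`, `guix pull` and the install/remove/upgrade wrappers, and document it in the manual.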
@@ -1079,10 +1099,14 @@ (define opts
 
   (guix-package* opts))
 
-(define (guix-package* opts)
+(define* (guix-package* opts #:key (allow-root? #f))
   "Run the 'guix package' command on OPTS, an alist resulting for command-line
-option processing with 'parse-command-line'."
+option processing with 'parse-command-line'.  If ALLOW-ROOT? is #T, don't bail
+out when running as root, even if `opts' doesn't set `allow-root?'."
   (with-error-handling
+    (unless (or allow-root? (assoc-ref opts 'allow-root?))
+      (assert-not-root "--allow-root"))
+
     (or (process-query opts)
         (parameterize ((%store  (open-connection))
                        (%graft? (assoc-ref opts 'graft?)))
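Review bot: the `assert-not-root` call sits before `(or (process-query opts) ...`, so queries made through `guix package` itself are refused as root together with profile changes. search.scm and show.scm need `#:allow-root? #t` only because of that placement. Running the check after `process-query` has returned false would cover the mutating path alone and make the new keyword argument unnecessary.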
diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm
index b0cc459d63..7a871939af 100644
--- a/guix/scripts/pull.scm
+++ b/guix/scripts/pull.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2013-2015, 2017-2022 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2017 Marius Bakke <mbakke <at> fastmail.com>
 ;;; Copyright © 2020, 2021 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,8 @@ (define-module (guix scripts pull)
   #:use-module (git)
   #:autoload   (gnu packages) (fold-available-packages)
   #:autoload   (guix scripts package) (build-and-use-profile
-                                       delete-matching-generations)
+                                       delete-matching-generations
+                                       assert-not-root)
   #:autoload   (gnu packages base) (canonical-package)
   #:autoload   (gnu packages bootstrap) (%bootstrap-guile)
   #:autoload   (gnu packages certs) (le-certs)
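Review bot: `assert-not-root` is added to the `(guix scripts package)` autoload list although nothing in the procedure is specific to `guix package`. A check shared by several commands reads better in a common module such as `(guix ui)`, next to the error-reporting procedures it calls, so that pull.scm does not have to name it here.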
@@ -195,6 +197,9 @@ (define %options
          (option '("bootstrap") #f #f
                  (lambda (opt name arg result)
                    (alist-cons 'bootstrap? #t result)))
+         (option '("allow-root") #f #f
+                 (lambda (opt name arg result)
+                   (alist-cons 'allow-root? #t result)))
 
          (option '(#\h "help") #f #f
                  (lambda args
@@ -828,12 +833,16 @@ (define (no-arguments arg _)
      (let* ((opts         (parse-command-line args %options
                                               (list %default-options)
                                               #:argument-handler no-arguments))
+            (allow-root?  (assoc-ref opts 'allow-root?))
             (substitutes? (assoc-ref opts 'substitutes?))
             (dry-run?     (assoc-ref opts 'dry-run?))
             (profile      (or (assoc-ref opts 'profile) %current-profile))
             (current-channels (profile-channels profile))
             (validate-pull    (assoc-ref opts 'validate-pull))
             (authenticate?    (assoc-ref opts 'authenticate-channels?)))
+       (unless allow-root?
+         (assert-not-root "--allow-root"))
+
        (cond
         ((assoc-ref opts 'query)
          (process-query opts profile))
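Review bot: the check runs before the `cond`, whose first branch is `((assoc-ref opts 'query) (process-query opts profile))`, so a query under root is rejected as well; `dry-run?` is bound a few lines above and is not consulted either. Place the `assert-not-root` call after the query branch. The `allow-root?` binding is used once and can be inlined as `(unless (assoc-ref opts 'allow-root?) ...)`.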
diff --git a/guix/scripts/remove.scm b/guix/scripts/remove.scm
index a46ad04d56..f7cf810544 100644
--- a/guix/scripts/remove.scm
+++ b/guix/scripts/remove.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -58,7 +59,8 @@ (define %options
          ;; Preserve some of the 'guix package' options.
          (append (filter (lambda (option)
                            (any (cut member <> (option-names option))
-                                '("profile" "dry-run" "verbosity" "bootstrap")))
+                                '("allow-root" "profile" "dry-run"
+                                  "verbosity" "bootstrap")))
                          %package-options)
 
                  %standard-build-options)))
diff --git a/guix/scripts/search.scm b/guix/scripts/search.scm
index 27b9da5278..efa83e066c 100644
--- a/guix/scripts/search.scm
+++ b/guix/scripts/search.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2021 Simon Tournier <zimon.toutoune <at> gmail.com>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -74,4 +75,4 @@ (define opts
   (unless (assoc-ref opts 'query)
     (leave (G_ "missing arguments: no regular expressions to search for~%")))
 
-  (guix-package* opts))
+  (guix-package* opts #:allow-root? #t))
diff --git a/guix/scripts/show.scm b/guix/scripts/show.scm
index c747eedd21..ae1e56469a 100644
--- a/guix/scripts/show.scm
+++ b/guix/scripts/show.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2021 Simon Tournier <zimon.toutoune <at> gmail.com>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -73,4 +74,4 @@ (define opts
   (unless (assoc-ref opts 'query)
     (leave (G_ "missing arguments: no package to show~%")))
 
-  (guix-package* (reverse opts)))
+  (guix-package* (reverse opts) #:allow-root? #t))
diff --git a/guix/scripts/upgrade.scm b/guix/scripts/upgrade.scm
index beb59cbe6f..e5a7c84108 100644
--- a/guix/scripts/upgrade.scm
+++ b/guix/scripts/upgrade.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
 ;;; Copyright © 2020 Simon Tournier <zimon.toutoune <at> gmail.com>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -65,7 +66,8 @@ (define %options
          ;; Preserve some of the 'guix package' options.
          (append (filter (lambda (option)
                            (any (cut member <> (option-names option))
-                                '("profile" "dry-run" "verbosity" "do-not-upgrade")))
+                                '("allow-root" "profile" "dry-run"
+                                  "verbosity" "do-not-upgrade")))
                          %package-options)
 
                  %transformation-options
-- 
2.37.1





Information forwarded to guix-patches <at> gnu.org:
bug#57016; Package guix-patches. (Sat, 06 Aug 2022 11:48:02 GMT) Full text and rfc822 format available.

Message #8 received at submit <at> debbugs.gnu.org (full text, mbox):

From: "(" <paren <at> disroot.org>
To: "(" <paren <at> disroot.org>, <guix-patches <at> gnu.org>
Subject: Re: [PATCH] scripts: Bail out when running pull/package commands as
 root.
Date: Sat, 06 Aug 2022 12:46:55 +0100
This is my first patch that touches Guix internals (second if you
count the dub-build-system patch, though I don't really consider
that part of the 'internals' of Guix), so it might be a little
wonky.

I want to make the beginner's experience of Guix easier by
eliminating 'papercuts' and unintuitive behaviour, starting with
this patch. I hope it's useful! :D

    -- (





Message #11 received at 57016 <at> debbugs.gnu.org (full text, mbox):

From: Maxime Devos <maximedevos <at> telenet.be>
To: "(" <paren <at> disroot.org>, 57016 <at> debbugs.gnu.org
Subject: Re: [bug#57016] [PATCH] scripts: Bail out when running pull/package
 commands as root.
Date: Sat, 6 Aug 2022 13:47:36 +0200
On 06-08-2022 13:41, ( via Guix-patches via wrote:
> +(define (assert-not-root override-flag)
> +  "Throw an error if Guix was invoked by root.  This allows us to
> +inform new users that it is usually a mistake to run commands such
> +as `guix package' as root.  OVERRIDE-FLAG should be a flag that can
> +be used with the invoked command to override this requirement."
> +  (when (= (getuid) 0)
> +    (leave (G_ "this command should not be run as root
> +
> +Note: Running this command as root will only affect the `root' user,
> +not the entire system, due to Guix's support for per-user package
> +management.  Use `~a' to continue regardless.~%")
> +           override-flag)))

Looks like a nice safety net, but maybe this would better use the 'hint' 
mechanism for consistency in error messages?

Greetings,
Maxime.


Information forwarded to guix-patches <at> gnu.org:
bug#57016; Package guix-patches. (Sat, 06 Aug 2022 11:50:02 GMT) Full text and rfc822 format available.

Message #14 received at 57016 <at> debbugs.gnu.org (full text, mbox):

From: "(" <paren <at> disroot.org>
To: "Maxime Devos" <maximedevos <at> telenet.be>, <57016 <at> debbugs.gnu.org>
Subject: Re: [bug#57016] [PATCH] scripts: Bail out when running pull/package
 commands as root.
Date: Sat, 06 Aug 2022 12:48:57 +0100
On Sat Aug 6, 2022 at 12:47 PM BST, Maxime Devos wrote:
> Looks like a nice safety net, but maybe this would better use the 'hint' 
> mechanism for consistency in error messages?
Thanks for the tip, I'll take a look at `hint`.

    -- (




Information forwarded to guix-patches <at> gnu.org:
bug#57016; Package guix-patches. (Sat, 06 Aug 2022 11:56:02 GMT) Full text and rfc822 format available.

Message #17 received at 57016 <at> debbugs.gnu.org (full text, mbox):

From: "(" <paren <at> disroot.org>
To: 57016 <at> debbugs.gnu.org
Cc: "\(" <paren <at> disroot.org>
Subject: [PATCH v2] scripts: Bail out when running pull/package commands as
 root.
Date: Sat,  6 Aug 2022 12:55:25 +0100
* guix/scripts/package.scm (assert-not-root): New procedure.
(%options): Add `--allow-root`.
(guix-package*): Add `#:allow-root?` keyword argument. Bail out when
  Guix is being run as root if `allow-root?` is not #T and `--allow-root`
  has not been passed.
* guix/scripts/install.scm (%options): Add `--allow-root` here...
* guix/scripts/remove.scm (%options): ...here...
* guix/scripts/upgrade.scm (%options): ...and here.
* guix/scripts/search.scm (guix-search): Explicitly allow execution as
  root here...
* guix/scripts/show.scm (guix-show): ...and here.
* guix/scripts/pull.scm (%options): Add `--allow-root`.
(guix-pull): Bail out when Guix is being run as root if `--allow-root`
  has not been passed.

A pretty common beginner mistake, it seems, is assuming that since
every other package manager you've used requires root for installing,
removing, and upgrading packages, Guix must too.

This is an especially dangerous assumption when applied to `guix pull`,
since I seem to recall that running that command as root breaks the
installation. (I'm pretty sure I once made that mistake, and spent
ages trying to figure out why it was broken.)

This commit tries to make it harder to make such an assumption, by
making commands such as `pull`, `package`, and `upgrade` bail out
when run as root. This can be overridden with the new `--allow-root`
flag for those commands.
---
 guix/scripts/install.scm |  4 +++-
 guix/scripts/package.scm | 31 ++++++++++++++++++++++++++++---
 guix/scripts/pull.scm    | 11 ++++++++++-
 guix/scripts/remove.scm  |  4 +++-
 guix/scripts/search.scm  |  3 ++-
 guix/scripts/show.scm    |  3 ++-
 guix/scripts/upgrade.scm |  4 +++-
 7 files changed, 51 insertions(+), 9 deletions(-)

diff --git a/guix/scripts/install.scm b/guix/scripts/install.scm
index 63e625f266..21873e69c4 100644
--- a/guix/scripts/install.scm
+++ b/guix/scripts/install.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -61,7 +62,8 @@ (define %options
          ;; Preserve some of the 'guix package' options.
          (append (filter (lambda (option)
                            (any (cut member <> (option-names option))
-                                '("profile" "dry-run" "verbosity" "bootstrap")))
+                                '("allow-root" "profile" "dry-run"
+                                  "verbosity" "bootstrap")))
                          %package-options)
 
                  %transformation-options
diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm
index 7d92598efa..918fd385d8 100644
--- a/guix/scripts/package.scm
+++ b/guix/scripts/package.scm
@@ -12,6 +12,7 @@
 ;;; Copyright © 2018 Steve Sprang <scs <at> stevesprang.com>
 ;;; Copyright © 2022 Josselin Poiret <dev <at> jpoiret.xyz>
 ;;; Copyright © 2022 Antero Mejr <antero <at> mailbox.org>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -64,7 +65,9 @@ (define-module (guix scripts package)
   #:use-module (srfi srfi-37)
   #:use-module (gnu packages)
   #:autoload   (gnu packages bootstrap) (%bootstrap-guile)
-  #:export (build-and-use-profile
+  #:export (assert-not-root
+
+            build-and-use-profile
             delete-generations
             delete-matching-generations
             guix-package
@@ -82,6 +85,20 @@ (define-module (guix scripts package)
 (define %store
   (make-parameter #f))
 
+(define (assert-not-root override-flag)
+  "Throw an error if Guix was invoked by root.  This allows us to
+inform new users that it is usually a mistake to run commands such
+as `guix package' as root.  OVERRIDE-FLAG should be a flag that can
+be used with the invoked command to override this requirement."
+  (when (= (getuid) 0)
+    (report-error (G_ "this command should not be run as root~%"))
+    (display-hint (format #f (G_ "Running this command as root will
+only affect the `root' user, not the entire system, due to Guix's
+support for per-user package management.  Use `~a' to continue
+regardless.~%")
+                          override-flag))
+    (exit 1)))
+
 
 ;;;
 ;;; Profiles.
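Review bot: `assert-not-root` now ends in a bare `(exit 1)` after `report-error` and `display-hint`, while its docstring still says "Throw an error"; in `guix-package*` the call is wrapped in `with-error-handling`, which a direct exit bypasses. Raise a condition that carries both the message and the hint and let the existing handler print it and set the exit status, or change the docstring to say that the procedure exits. The `(= (getuid) 0)` test is unchanged from v1.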
@@ -658,6 +675,10 @@ (define %options
                    (values (cons `(query show ,arg)
                                  result)
                            #f)))
+         (option '("allow-root") #f #f
+                 (lambda (opt name arg result arg-handler)
+                   (values (alist-cons 'allow-root? #t result)
+                           #f)))
 
          (append %transformation-options
                  %standard-build-options)))
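Review bot: the new `allow-root` handler accepts `arg-handler` but returns `#f` as its second value, copying the query option just above it. For a flag that takes no argument and selects no action, confirm that resetting the pending handler is intended; if it is not, return `arg-handler` unchanged so the flag does not alter how later arguments are interpreted.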
@@ -1079,10 +1100,14 @@ (define opts
 
   (guix-package* opts))
 
-(define (guix-package* opts)
+(define* (guix-package* opts #:key (allow-root? #f))
   "Run the 'guix package' command on OPTS, an alist resulting for command-line
-option processing with 'parse-command-line'."
+option processing with 'parse-command-line'.  If ALLOW-ROOT? is #T, don't bail
+out when running as root, even if `opts' doesn't set `allow-root?'."
   (with-error-handling
+    (unless (or allow-root? (assoc-ref opts 'allow-root?))
+      (assert-not-root "--allow-root"))
+
     (or (process-query opts)
         (parameterize ((%store  (open-connection))
                        (%graft? (assoc-ref opts 'graft?)))
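Review bot: the added docstring sentence names the parameter as `opts' while the first sentence uses the upper-case form OPTS, and it spells the boolean `#T`. Write OPTS and `#t` to match the rest of the docstring. The call still precedes `(or (process-query opts) ...`, so the placement issue from v1 applies here too.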
diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm
index b0cc459d63..7a871939af 100644
--- a/guix/scripts/pull.scm
+++ b/guix/scripts/pull.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2013-2015, 2017-2022 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2017 Marius Bakke <mbakke <at> fastmail.com>
 ;;; Copyright © 2020, 2021 Tobias Geerinckx-Rice <me <at> tobias.gr>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -45,7 +46,8 @@ (define-module (guix scripts pull)
   #:use-module (git)
   #:autoload   (gnu packages) (fold-available-packages)
   #:autoload   (guix scripts package) (build-and-use-profile
-                                       delete-matching-generations)
+                                       delete-matching-generations
+                                       assert-not-root)
   #:autoload   (gnu packages base) (canonical-package)
   #:autoload   (gnu packages bootstrap) (%bootstrap-guile)
   #:autoload   (gnu packages certs) (le-certs)
@@ -195,6 +197,9 @@ (define %options
          (option '("bootstrap") #f #f
                  (lambda (opt name arg result)
                    (alist-cons 'bootstrap? #t result)))
+         (option '("allow-root") #f #f
+                 (lambda (opt name arg result)
+                   (alist-cons 'allow-root? #t result)))
 
          (option '(#\h "help") #f #f
                  (lambda args
@@ -828,12 +833,16 @@ (define (no-arguments arg _)
      (let* ((opts         (parse-command-line args %options
                                               (list %default-options)
                                               #:argument-handler no-arguments))
+            (allow-root?  (assoc-ref opts 'allow-root?))
             (substitutes? (assoc-ref opts 'substitutes?))
             (dry-run?     (assoc-ref opts 'dry-run?))
             (profile      (or (assoc-ref opts 'profile) %current-profile))
             (current-channels (profile-channels profile))
             (validate-pull    (assoc-ref opts 'validate-pull))
             (authenticate?    (assoc-ref opts 'authenticate-channels?)))
+       (unless allow-root?
+         (assert-not-root "--allow-root"))
+
        (cond
         ((assoc-ref opts 'query)
          (process-query opts profile))
diff --git a/guix/scripts/remove.scm b/guix/scripts/remove.scm
index a46ad04d56..f7cf810544 100644
--- a/guix/scripts/remove.scm
+++ b/guix/scripts/remove.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -58,7 +59,8 @@ (define %options
          ;; Preserve some of the 'guix package' options.
          (append (filter (lambda (option)
                            (any (cut member <> (option-names option))
-                                '("profile" "dry-run" "verbosity" "bootstrap")))
+                                '("allow-root" "profile" "dry-run"
+                                  "verbosity" "bootstrap")))
                          %package-options)
 
                  %standard-build-options)))
diff --git a/guix/scripts/search.scm b/guix/scripts/search.scm
index 27b9da5278..efa83e066c 100644
--- a/guix/scripts/search.scm
+++ b/guix/scripts/search.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2021 Simon Tournier <zimon.toutoune <at> gmail.com>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -74,4 +75,4 @@ (define opts
   (unless (assoc-ref opts 'query)
     (leave (G_ "missing arguments: no regular expressions to search for~%")))
 
-  (guix-package* opts))
+  (guix-package* opts #:allow-root? #t))
diff --git a/guix/scripts/show.scm b/guix/scripts/show.scm
index c747eedd21..ae1e56469a 100644
--- a/guix/scripts/show.scm
+++ b/guix/scripts/show.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019, 2021 Simon Tournier <zimon.toutoune <at> gmail.com>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -73,4 +74,4 @@ (define opts
   (unless (assoc-ref opts 'query)
     (leave (G_ "missing arguments: no package to show~%")))
 
-  (guix-package* (reverse opts)))
+  (guix-package* (reverse opts) #:allow-root? #t))
diff --git a/guix/scripts/upgrade.scm b/guix/scripts/upgrade.scm
index beb59cbe6f..e5a7c84108 100644
--- a/guix/scripts/upgrade.scm
+++ b/guix/scripts/upgrade.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
 ;;; Copyright © 2020 Simon Tournier <zimon.toutoune <at> gmail.com>
+;;; Copyright © 2022 ( <paren <at> disroot.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -65,7 +66,8 @@ (define %options
          ;; Preserve some of the 'guix package' options.
          (append (filter (lambda (option)
                            (any (cut member <> (option-names option))
-                                '("profile" "dry-run" "verbosity" "do-not-upgrade")))
+                                '("allow-root" "profile" "dry-run"
+                                  "verbosity" "do-not-upgrade")))
                          %package-options)
 
                  %transformation-options
-- 
2.37.1





Information forwarded to guix-patches <at> gnu.org:
bug#57016; Package guix-patches. (Sat, 06 Aug 2022 11:57:01 GMT) Full text and rfc822 format available.

Message #20 received at 57016 <at> debbugs.gnu.org (full text, mbox):

From: "(" <paren <at> disroot.org>
To: "Maxime Devos" <maximedevos <at> telenet.be>, <57016 <at> debbugs.gnu.org>
Subject: Re: [bug#57016] [PATCH] scripts: Bail out when running pull/package
 commands as root.
Date: Sat, 06 Aug 2022 12:56:53 +0100
On Sat Aug 6, 2022 at 12:47 PM BST, Maxime Devos wrote:
> Looks like a nice safety net, but maybe this would better use the 'hint' 
> mechanism for consistency in error messages?
Done in v2 :)

    -- (




Information forwarded to guix-patches <at> gnu.org:
bug#57016; Package guix-patches. (Sat, 06 Aug 2022 13:14:01 GMT) Full text and rfc822 format available.

Message #23 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: "(" <paren <at> disroot.org>
Cc: 57016 <at> debbugs.gnu.org, guix-patches <at> gnu.org
Subject: Re: [bug#57016] [PATCH] scripts: Bail out when running pull/package
 commands as root.
Date: Sat, 06 Aug 2022 14:30:37 +0200
Hi (,

"( via Guix-patches" via wrote:
> A pretty common beginner mistake, it seems, is assuming that since
> every other package manager you've used requires root for installing,
> removing, and upgrading packages, Guix must too.
>
> This is an especially dangerous assumption when applied to `guix pull`,

Running ‘guix pull’ as root is fine.  There was danger in running 
‘sudo guix pull’ (with Guix System defaulting to ‘sudo -E’), but 
that was addressed in 7c52cad0464175370c44bd4695e4c01a62b8268f. 
If it doesn't trigger reliably, let's fix that.

Running ‘guix package’ and ‘guix upgrade’ as root is also fine. 
If improper use of sudo/doas/… is the real issue, address *that*, 
not this loose proxy.

Ludo' factored out some of the bits in 
9be470b5d2bab7ad2048c95815fee2916d45f4ad.  It could make sense to 
factor it out further to check, e.g., whether the effective UID 
matches that of the profile's parent directory.  Why should 
OpenBSD packages get to hoard all the pedantic ownership checks?

> since I seem to recall

A good trigger to go investigate; not sufficient to (wrongly) 
imply ‘root bad’ and throw fatal errors at perfectly legitimate 
use(r)s.

Conversely, if we reliably detect and report the true issue, 
there's no need for ‘--allow-root’, which by the logic of this 
patch would knowingly break things.  We do not provide such 
options.

Huge NAK on v2 I'm afraid, but looking forward to your thoughts,

T G-R
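
The ownership comparison suggested in the message above (effective UID against the owner of the profile's parent directory), as an added Guile example that is not part of the thread or of Guix. The procedure names and the sample path are assumptions; the optional `euid` argument exists so the root case can be shown without running as root.

```scheme
;; Added illustration; not code from Guix or from this thread.
;; PROFILE-OWNER-STATUS and DESCRIBE-OWNER-STATUS are hypothetical names.
(use-modules (ice-9 match))

(define* (profile-owner-status profile #:optional (euid (geteuid)))
  "Compare EUID with the owner of the directory that contains PROFILE.
Return 'match, 'mismatch, or 'missing when that directory cannot be read."
  (let ((st (false-if-exception (stat (dirname profile)))))
    (cond ((not st)               'missing)
          ((= (stat:uid st) euid) 'match)
          (else                   'mismatch))))

(define* (describe-owner-status profile #:optional (euid (geteuid)))
  "Return a diagnostic string for PROFILE, or #f when ownership matches."
  (match (profile-owner-status profile euid)
    ('match #f)
    ('missing
     (format #f "~a: cannot stat parent directory" profile))
    ('mismatch
     (format #f "~a is owned by UID ~a but the effective UID is ~a"
             (dirname profile)
             (stat:uid (stat (dirname profile)))
             euid))))

;; Constructed sample: the invoking user's default profile link.
(define sample-profile
  (string-append (or (getenv "HOME") "/tmp") "/.guix-profile"))

;; Case 1: the process as it is actually running.
(format #t "current user: ~a~%"
        (or (describe-owner-status sample-profile) "ok"))

;; Case 2: simulate effective UID 0 with the same HOME, which is what a
;; privilege-raising wrapper that preserves the environment produces.
(format #t "euid 0, same HOME: ~a~%"
        (or (describe-owner-status sample-profile 0) "ok"))

;; Case 3: a path whose parent directory does not exist.
(format #t "missing parent: ~a~%"
        (or (describe-owner-status "/nonexistent-dir/profile") "ok"))
```

Unlike a plain UID 0 test, this accepts a root login working on a profile under root's own home and flags only the case where the profile's directory belongs to someone else.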


Reply sent to "(" <paren <at> disroot.org>:
You have taken responsibility. (Sat, 06 Aug 2022 13:31:02 GMT) Full text and rfc822 format available.

Notification sent to "(" <paren <at> disroot.org>:
bug acknowledged by developer. (Sat, 06 Aug 2022 13:31:02 GMT) Full text and rfc822 format available.

Message #31 received at 57016-done <at> debbugs.gnu.org (full text, mbox):

From: "(" <paren <at> disroot.org>
To: <57016-done <at> debbugs.gnu.org>
Subject: Closing
Date: Sat, 06 Aug 2022 14:30:37 +0100
As nckx rightly pointed out, this patch isn't really useful because
`sudo guix pull` was fixed, and after a brief discussion on IRC I've
decided to close this patch.

    -- (




bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sun, 04 Sep 2022 11:24:05 GMT) Full text and rfc822 format available.

This bug report was last modified 2 years and 288 days ago.
