From unknown Sun Jun 22 07:40:42 2025 X-Loop: help-debbugs@gnu.org Subject: bug#65471: home mcron service overwrites PATH with a GuixSD-only directory Resent-From: nils@landt.email Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Wed, 23 Aug 2023 11:16:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 65471 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 65471@debbugs.gnu.org X-Debbugs-Original-To: "bug-guix@gnu.org" Received: via spool by submit@debbugs.gnu.org id=B.169278932321946 (code B ref -1); Wed, 23 Aug 2023 11:16:02 +0000 Received: (at submit) by debbugs.gnu.org; 23 Aug 2023 11:15:23 +0000 Received: from localhost ([127.0.0.1]:33006 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qYlpZ-0005ho-E4 for submit@debbugs.gnu.org; Wed, 23 Aug 2023 07:15:23 -0400 Received: from lists.gnu.org ([2001:470:142::17]:35206) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qYl0q-0003zd-A7 for submit@debbugs.gnu.org; Wed, 23 Aug 2023 06:22:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qYl0h-0007Ra-Fy for bug-guix@gnu.org; Wed, 23 Aug 2023 06:22:47 -0400 Received: from mout-p-202.mailbox.org ([2001:67c:2050:0:465::202]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256) (Exim 4.90_1) (envelope-from ) id 1qYl0e-0001Qh-P2 for bug-guix@gnu.org; Wed, 23 Aug 2023 06:22:47 -0400 Received: from smtp202.mailbox.org (smtp202.mailbox.org [IPv6:2001:67c:2050:b231:465::202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4RW2N04n5Mz9sqf for ; Wed, 23 Aug 2023 12:22:40 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=landt.email; s=MBO0001; t=1692786160; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=+qdVVcOGusR89GmMu9SYclu5OLMOvUQsojScUn3UXKY=; b=BLSNXiZjWXstL6Tpvlq5fTG8EqwwsWAaYv7dSkSudWUoNspHNoDMLMOu182ChJ/+TAzFRd 615vdF7p+xC5U3zTV3NyZYNV5P9xWBNBFTUy8u4np7qjdAF++Qvm9NZ2zYOXq53jkrnOOK Xos8Q0L/oSGHYxVmuBQNm68RSHME+A5K9WHQMS4b/yL6pQx6c8bghjpgwCy3/8P4kPnE9d rmk+q2/Wqj3Qi8up/zAOZBHBNpsxX4uyfVV7hquhOPOWTIIijPoeJW7FFB2NZ/1YFmAdCH sJJu79UdRjNGacwXH9EvmNc11pOMvZOeJO3cBBWNEJTO16c5mK+CzNdGOhTYJA== Date: Wed, 23 Aug 2023 12:22:40 +0200 (CEST) From: nils@landt.email Message-ID: <509099431.327298.1692786160360@office.mailbox.org> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_327297_1022314884.1692786160357" X-Priority: 3 Importance: Normal X-Rspamd-Queue-Id: 4RW2N04n5Mz9sqf Received-SPF: pass client-ip=2001:67c:2050:0:465::202; envelope-from=nils@landt.email; helo=mout-p-202.mailbox.org X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-Mailman-Approved-At: Wed, 23 Aug 2023 07:15:17 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) ------=_Part_327297_1022314884.1692786160357 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Hello, when using the home-mcron-service, PATH is set to /run/current-system/profile/bin . This directory is empty when using guix home on a foreign distro, meaning all executable paths would need to be absolute. This includes stuff like /usr/bin/ssh, /usr/bin/nice etc.. My guess for the culprit was 1c30d5a6bfc5d48137f4bdcc271189a06fdc6ed3 , which replaced the custom home-mcron-service-type with mapping it to mcron-service-type. The mcron shepherd service in old service type did not mess with the environment variables, the inherited one does: #:environment-variables (cons* "GUILE_AUTO_COMPILE=0" "PATH=/run/current-system/profile/bin" (remove (cut string-prefix? "PATH=" <>) (environ))) Strange thing is that the commit is from 2023-08-06, and I update guix almost every day, but did not run into the issue until today. But the commit seems to fit the issue perfectly, so I'm not sure what's going on at all. ------=_Part_327297_1022314884.1692786160357 MIME-Version: 1.0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit
Hello,
 
when using the home-mcron-service, PATH is set to /run/current-system/profile/bin . This directory is empty when using guix home on a foreign distro, meaning all executable paths would need to be absolute. This includes stuff like /usr/bin/ssh, /usr/bin/nice etc..
 
My guess for the culprit was 1c30d5a6bfc5d48137f4bdcc271189a06fdc6ed3 , which replaced the custom home-mcron-service-type with mapping it to mcron-service-type. 
The mcron shepherd service in old service type did not mess with the environment variables, the inherited one does:
#:environment-variables
(cons* "GUILE_AUTO_COMPILE=0"
"PATH=/run/current-system/profile/bin"
(remove (cut string-prefix? "PATH=" <>)
(environ)))
 
Strange thing is that the commit is from 2023-08-06, and I update guix almost every day, but did not run into the issue until today. But the commit seems to fit the issue perfectly, so I'm not sure what's going on at all.
------=_Part_327297_1022314884.1692786160357-- From unknown Sun Jun 22 07:40:42 2025 X-Loop: help-debbugs@gnu.org Subject: bug#65471: home mcron service overwrites PATH with a GuixSD-only directory Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Mon, 20 Nov 2023 22:11:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 65471 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: nils@landt.email Cc: 65471@debbugs.gnu.org Received: via spool by 65471-submit@debbugs.gnu.org id=B65471.17005182512824 (code B ref 65471); Mon, 20 Nov 2023 22:11:02 +0000 Received: (at 65471) by debbugs.gnu.org; 20 Nov 2023 22:10:51 +0000 Received: from localhost ([127.0.0.1]:54785 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r5CTj-0000jT-C0 for submit@debbugs.gnu.org; Mon, 20 Nov 2023 17:10:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:39204) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r5CTf-0000jD-BA for 65471@debbugs.gnu.org; Mon, 20 Nov 2023 17:10:50 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r5CTV-00068s-Bn; Mon, 20 Nov 2023 17:10:37 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To: From; bh=iUKHmJRxFCJs52U4OUTBPNvIP1mK70JD4sA/VuhccAo=; b=h7tYB5LbrEpitnhvVnCY UiBMC0AQORN5dlILHhd+NtN2wfsyMe7GfRGt7bHPqLd0tUgkzXnX334tppxNOMk538nYtTIN5i7gx kFHdBxCh7v0jtS1Z0QlOZ/kvmYMi6U4fww8z3QURI9iF1NUJJ2hstM6I1N5Iwx5bH6lUPsY4mWzVI kIMohqgeHn8zXRoDn7hq0Bo2fecHaf2M00CVtqV/nwV9M8JZa1oQaOxvKIwZzv47QKNPeKbHQCFgK mKNujbVFv5oZnzoJEI67CN+/rD5EPMEYR3PGt+VBZbM3m4zlA04WXsb22s8ibxos+nyAvevvodnj3 UtduqenAZLfPPQ==; From: Ludovic =?UTF-8?Q?Court=C3=A8s?= In-Reply-To: <509099431.327298.1692786160360@office.mailbox.org> (nils@landt.email's message of "Wed, 23 Aug 2023 12:22:40 +0200 (CEST)") References: <509099431.327298.1692786160360@office.mailbox.org> Date: Mon, 20 Nov 2023 23:10:33 +0100 Message-ID: <87jzqcoz3a.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi, Apologies for the delay. nils@landt.email skribis: > when using the home-mcron-service, PATH is set to /run/current-system/pro= file/bin . This directory is empty when using guix home on a foreign distro= , meaning all executable paths would need to be absolute. This includes stu= ff like /usr/bin/ssh, /usr/bin/nice etc.. >=20=20 > My guess for the culprit was 1c30d5a6bfc5d48137f4bdcc271189a06fdc6ed3 , w= hich replaced the custom home-mcron-service-type with mapping it to mcron-s= ervice-type.=20 > The mcron shepherd service in old service type did not mess with the envi= ronment variables, the inherited one does: > #:environment-variables > (cons* "GUILE_AUTO_COMPILE=3D0" > "PATH=3D/run/current-system/profile/bin" > (remove (cut string-prefix? "PATH=3D" <>) > (environ))) As a rule of thumb, I personally always provide absolute file names, as in #~(job =E2=80=A6 #$(file-append coreutils "/bin/ls") =E2=80=A6). I wonder what the preferred behavior would be. Restore PATH to whatever value it had when the user =E2=80=98shepherd=E2=80=99 process was started, = at the expense of making things harder to track/less reproducible? Should we leave it unset, possibly breaking programs that expect it to be set? Should we set it to =E2=80=9C/run/current-system/profile/bin:/usr/bin=E2=80= =9D or similar? Thanks, Ludo=E2=80=99. From unknown Sun Jun 22 07:40:42 2025 X-Loop: help-debbugs@gnu.org Subject: bug#65471: home mcron service overwrites PATH with a GuixSD-only directory Resent-From: Oleg Pykhalov Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 21 Nov 2023 00:48:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 65471 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 65471@debbugs.gnu.org Received: via spool by 65471-submit@debbugs.gnu.org id=B65471.170052762618063 (code B ref 65471); Tue, 21 Nov 2023 00:48:02 +0000 Received: (at 65471) by debbugs.gnu.org; 21 Nov 2023 00:47:06 +0000 Received: from localhost ([127.0.0.1]:54844 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r5Euv-0004hE-Qt for submit@debbugs.gnu.org; Mon, 20 Nov 2023 19:47:06 -0500 Received: from mail-lj1-x22d.google.com ([2a00:1450:4864:20::22d]:41142) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r5Euq-0004gf-Ru for 65471@debbugs.gnu.org; Mon, 20 Nov 2023 19:47:04 -0500 Received: by mail-lj1-x22d.google.com with SMTP id 38308e7fff4ca-2c6f4bc7738so12743941fa.0 for <65471@debbugs.gnu.org>; Mon, 20 Nov 2023 16:46:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1700527612; x=1701132412; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=1JPhEK9WmTaOR1xOUcwVVtsIAEE7brJiseBMc6nRWY0=; b=b3GkS0IPNloL/Q8JC6rR8fk1yccNAj+ItOE3PVaSaiEzGptlO48CmwC96zMbsvNhRb CEJEHrw6/puWJ9fbNJnBr9cV4p7fQFfnEgLt9haO1kznAe05zcKEOHCjTeUtvEe6PsIJ 5s4uzc4wyGXRHiyOf602Lp0o2KrPhfrAAf28j9jOYJx78Wgxrz9fr2z6JhS+virTXflM PD9Oq23mORTM9jtV/IjuY8jIFBc3EJIu2cUKwcSZiTdghrax6GyPIeGuelOZSnAjWvQa JXXv+p98wQw2skv7Ovd3CNJcmexJNrKMouMB1c0kJlK2wPxQvhFX2eVVtf375qPUicdH ouwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700527612; x=1701132412; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=1JPhEK9WmTaOR1xOUcwVVtsIAEE7brJiseBMc6nRWY0=; b=oUKs8Cpk/draohlPkhhCwUE4XF5/CX6beDpZsHy1gdqtA+ESayyjtNGXz8hxZwaHhH 36T1hodyGnA3sWlDyGNOjy6j2+/InuQptiZglcY3PWXt4TPqMfn59bcgQjBqKDmf4wK6 y2yjiXsZwgcotmfnWzR4ydTXXcLMs8vv4bFz6cEB9iajg5xRYqWnNN5yrhrCa8oUrXNo +KaSPSmgvbZB0LbYmMyz4EGcxcoi4mXYx2FII/COaTDPEzMLWmLJ4S+UFBJz7qZxprhT XAKvZRkEWWu0k7aFr/Bi/t7xwbnbJnnNGzYBEMiRhLtluFGhnvTFPEk4hk9dXwXmyQMQ do/A== X-Gm-Message-State: AOJu0YxzJSjjJ+FBdflbxmnJuUqvH6Jd2IkCboI4X8m5OOIidZyJoDUr Rrgt9zYSTg9aCPEejjP1RhQ= X-Google-Smtp-Source: AGHT+IGU+zh+dEwfdriFzHRUPyIvHsDwjwp27Y4bU8hrUn07AS4e0t6CV5dyiWTko2jtKlq3Fhc4Uw== X-Received: by 2002:a2e:a7cc:0:b0:2c2:c387:7bd3 with SMTP id x12-20020a2ea7cc000000b002c2c3877bd3mr7299681ljp.0.1700527612090; Mon, 20 Nov 2023 16:46:52 -0800 (PST) Received: from localhost ([88.201.161.72]) by smtp.gmail.com with ESMTPSA id w22-20020a2e3016000000b002c023d3dadesm1137138ljw.113.2023.11.20.16.46.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Nov 2023 16:46:51 -0800 (PST) From: Oleg Pykhalov In-Reply-To: <87jzqcoz3a.fsf@gnu.org> ("Ludovic =?UTF-8?Q?Court=C3=A8s?="'s message of "Mon, 20 Nov 2023 23:10:33 +0100") References: <509099431.327298.1692786160360@office.mailbox.org> <87jzqcoz3a.fsf@gnu.org> Date: Tue, 21 Nov 2023 03:46:50 +0300 Message-ID: <87msv8szk5.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Ludovic, Ludovic Court=C3=A8s writes: [=E2=80=A6] > I wonder what the preferred behavior would be. Restore PATH to whatever > value it had when the user =E2=80=98shepherd=E2=80=99 process was started= , at the > expense of making things harder to track/less reproducible? Should we > leave it unset, possibly breaking programs that expect it to be set? > Should we set it to =E2=80=9C/run/current-system/profile/bin:/usr/bin=E2= =80=9D or > similar? 1c30d5a6 was almost 3 months ago, so we could assume most of the users are already reconfigured to this (or newer) commit and fixed their configurations accordingly. Because we probably cannot be sure how they fixed it, I think the best that we could do is not to change the current behavior again and provide a support and documentation if needed, so we don't break users configurations again. Also, the current behavior =E2=80=98PATH=3D/run/current-system/profile/bin= =E2=80=99 matches with mcron started by Shepherd on a Guix System on pretty recent commit =E2=80=98fc6bdaad57bf91609849623c5f485403c030cb49=E2=80=99, which pr= obably is better than difference of PATH dependending on is it system's Shepherd or user's Shepherd instance running. We could allow users to control an environment of mcron, but I think it should be: =2D optional for both system's and user's Shepherd instances; =2D not a default behavior, because we already switched from PATH=3D to =E2=80=98PATH=3D/run/current-system/profile/bin=E2=80=99. Regards, Oleg. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAmVb/foUHGdvLndpZ3Vz dEBnbWFpbC5jb20ACgkQFn+OpQAa+pzUOQ/+NT9PM7NurGNIo5KCYSxR+VHxRQY+ LjjVlbk/kH7WE+DHIAJCq6XqJVEdgblsIK97vRlgHn/+ytSYEmdXoFH3RL7eR0fO OfmDX+5AlMPtmt8DMAttv0MVt87bKRTjnG4k7hpIIEPbuY3Sln/SJd8y0/LbbziW UxUhn5U2hCjHo3gi1+BNvmTlwgZgUCnAbQup/crPo7aEFyeGQapVRSOqmjR4X/PU xgwwc9UOpkvM2yspeqBTzmP6x+l8bB4LsK4j27F0c+I4U/DwoGFdi3B/27/DT9ZD Jr9maU9YUJya5kXI0H/GraxaLg6KW0xCERfMW9XrQQ8JDckweB4aZA3+Y+bb8iXK uEWwCGGdSTZl3GI3r09bCNCJDizGp1ITgd7g9d9kawts/CMy+PL1XGbapcZ5CW/1 CNU76waPxGbJRfPmTkSuKCPGbPh6PIe/q6c0Zx6i3jd6Mn+QQCcJwOAVUA+Og+Fp qTFmK/ZAT56h91hbsS0xoyMPp/3/iSuZnRwLGK3ug6+JIq4jhGPc35qFy2LDl/KZ da7qdpHw9zxkv6dnrWTmI0hZJkzWXPNwWQF9DiNvVqz3EZicYsl2N6EQoZOqS+p0 ag/R0vZ7xI2oUgdAYx9kDf4hrq00jRIxr2nSZZCbY1tvnS6fOiub6OVb+KmjvAW4 ZkA1v98m12B99Dw= =6PxZ -----END PGP SIGNATURE----- --=-=-=-- From unknown Sun Jun 22 07:40:42 2025 X-Loop: help-debbugs@gnu.org Subject: bug#65471: home mcron service overwrites PATH with a GuixSD-only directory Resent-From: Nils Landt Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 21 Nov 2023 15:10:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 65471 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: "65471@debbugs.gnu.org" <65471@debbugs.gnu.org> Received: via spool by 65471-submit@debbugs.gnu.org id=B65471.170057935620553 (code B ref 65471); Tue, 21 Nov 2023 15:10:02 +0000 Received: (at 65471) by debbugs.gnu.org; 21 Nov 2023 15:09:16 +0000 Received: from localhost ([127.0.0.1]:57172 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r5SNI-0005LQ-2L for submit@debbugs.gnu.org; Tue, 21 Nov 2023 10:09:16 -0500 Received: from mout-p-102.mailbox.org ([80.241.56.152]:52804) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r5SNF-0005L9-6Y for 65471@debbugs.gnu.org; Tue, 21 Nov 2023 10:09:14 -0500 Received: from smtp102.mailbox.org (smtp102.mailbox.org [10.196.197.102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-102.mailbox.org (Postfix) with ESMTPS id 4SZSSs4MBPz9smn; Tue, 21 Nov 2023 16:09:01 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=landt.email; s=MBO0001; t=1700579341; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=8to0NVp2f4xyW3uXFxOVs0diEELOM2qNaBtqp9aEZU4=; b=ZYyHC16jQ5+1Y/Wz3YgiZ11DPLuY3Zk44ZWb2EQYRZ3XOkUl+cmCV4yzM1iWzXaffLDGbT RioP+JbHiRMudWcBP9V+7opB1yNCBdE/rnW7JnlVXwpYaIDjofjhhMWeXGaOSkRwCzsNA4 7coTLFLd5tnVW2ErC1Zx0R6A2mGpi8BRkyMaBi3UD73zitK+mg0AQ8KblZIzWvWDI6lL7y FSNCh3Aq17awqU/4rBLmRoQHbJlmwVMohltWabin9NvhHkLs2iVWo/jAa/amQHuQVrEGBE wUmcCQ/BK43UUckqEXRNb9J241F+6R7qaTqZDbdOC/3F2cvWEfewQp2W9CVWAw== Date: Tue, 21 Nov 2023 16:09:01 +0100 (CET) From: Nils Landt Message-ID: <1041149717.395497.1700579341071@office.mailbox.org> In-Reply-To: <87jzqcoz3a.fsf@gnu.org> References: <509099431.327298.1692786160360@office.mailbox.org> <87jzqcoz3a.fsf@gnu.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Priority: 3 Importance: Normal X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) > Ludovic Court=C3=A8s hat am 20.11.2023 23:10 CET geschrieb= en: > nils@landt.email skribis: >=20 > > when using the home-mcron-service, PATH is set to /run/current-system/p= rofile/bin . This directory is empty when using guix home on a foreign dist= ro, meaning all executable paths would need to be absolute. This includes s= tuff like /usr/bin/ssh, /usr/bin/nice etc.. > > =20 > > My guess for the culprit was 1c30d5a6bfc5d48137f4bdcc271189a06fdc6ed3 ,= which replaced the custom home-mcron-service-type with mapping it to mcron= -service-type.=20 > > The mcron shepherd service in old service type did not mess with the en= vironment variables, the inherited one does: > > #:environment-variables > > (cons* "GUILE_AUTO_COMPILE=3D0" > > "PATH=3D/run/current-system/profile/bin" > > (remove (cut string-prefix? "PATH=3D" <>) > > (environ))) >=20 > As a rule of thumb, I personally always provide absolute file names, as > in #~(job =E2=80=A6 #$(file-append coreutils "/bin/ls") =E2=80=A6). I do the same, but occasionally a program I call expects something to be av= ailable in PATH. For me (guix home in Debian 12), this includes Guix itself= . Running=20 /home/nl/.config/guix/current/bin/guix pull=20 in a terminal works perfectly fine, but unset PATH /home/nl/.config/guix/current/bin/guix pull=20 results in a stacktrace that ends in: In guix/scripts/pull.scm: 453:4 4 (_) In guix/build/utils.scm: 625:6 3 (which "guix") In unknown file: 2 (string-tokenize #f # =E2=80=A6) In ice-9/boot-9.scm: 1685:16 1 (raise-exception _ #:continuable? _) 1685:16 0 (raise-exception _ #:continuable? _) ice-9/boot-9.scm:1685:16: In procedure raise-exception: In procedure string-tokenize: Wrong type argument in position 1 (expecting = string): #f > I wonder what the preferred behavior would be. Restore PATH to whatever > value it had when the user =E2=80=98shepherd=E2=80=99 process was started= , at the > expense of making things harder to track/less reproducible? Should we > leave it unset, possibly breaking programs that expect it to be set? > Should we set it to =E2=80=9C/run/current-system/profile/bin:/usr/bin=E2= =80=9D or > similar? I think the previous behaviour was fine for a user level service. I'm guess= ing this was inheriting the environment variables from the shepherd process= that started mcron? Otherwise, adding /usr/local/bin:/usr/bin:/bin should be a good default I t= hink. I'm not emotionally invested either way, I have moved away from shepherd / = mcron. From unknown Sun Jun 22 07:40:42 2025 X-Loop: help-debbugs@gnu.org Subject: bug#65471: home mcron service overwrites PATH with a GuixSD-only directory References: <509099431.327298.1692786160360@office.mailbox.org> Resent-From: Tanguy LE CARROUR Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Mon, 15 Jan 2024 12:41:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 65471 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 65471@debbugs.gnu.org Cc: go.wigust@gmail.com, ludo@gnu.org, nils@landt.email Received: via spool by 65471-submit@debbugs.gnu.org id=B65471.170532240828094 (code B ref 65471); Mon, 15 Jan 2024 12:41:01 +0000 Received: (at 65471) by debbugs.gnu.org; 15 Jan 2024 12:40:08 +0000 Received: from localhost ([127.0.0.1]:44885 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rPMG7-0007J3-UD for submit@debbugs.gnu.org; Mon, 15 Jan 2024 07:40:08 -0500 Received: from smtp-8faf.mail.infomaniak.ch ([83.166.143.175]:41741) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rPMG5-0007ID-BM for 65471@debbugs.gnu.org; Mon, 15 Jan 2024 07:40:06 -0500 Received: from smtp-3-0000.mail.infomaniak.ch (unknown [10.4.36.107]) by smtp-2-3000.mail.infomaniak.ch (Postfix) with ESMTPS id 4TDBYW27JWzMq5TZ; Mon, 15 Jan 2024 12:39:59 +0000 (UTC) Received: from unknown by smtp-3-0000.mail.infomaniak.ch (Postfix) with ESMTPA id 4TDBYV6ZS7z3f; Mon, 15 Jan 2024 13:39:58 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bioneland.org; s=20230804; t=1705322399; bh=PW1/0zwNkUxDB2EyyICaBHTkpmyetO6JOkaBkuQa2fs=; h=From:To:Cc:In-Reply-To:Subject:Date:From; b=TgeMoEuOevQtHuu+lZ0sbIZYH7R6kLD+AQhSiG+6vPUgEfT0L3NTOG9EyRKos+UTo FQns88UZ9w1J4TlWdq0yFJnbzTR/3b7gfxlAbrpoNr976OoTbMARPOpYg5qvZwW10S AmmA8WmWZKD2eIxRNDqrK/Eu3pkTl/ctAY7yN5Hwgu/A3ZZJ3Dm3E2+3tI0P3hg6CA gQ4k3d9GFR8Tfwmj7mYyED9P2MG2vJ1AXbsEa7aD4EtlzVQqjw/T0JoN0RRj/rFzun s3UiIr7Ga07AuSC4CGT+OOxhL0pLPxuavMhUJN8pI/FhAGYGHishfd6iDOX+cTsnu9 9cQgERdox0gow== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Tanguy LE CARROUR In-Reply-To: <1041149717.395497.1700579341071@office.mailbox.org> Date: Mon, 15 Jan 2024 13:39:58 +0100 Message-ID: <170532239853.11028.2082972878645432596@bioneland.org> User-Agent: alot/0.10 X-Infomaniak-Routing: alpha X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) Hi, I've just experienced the problem first hand: https://lists.gnu.org/archive/html/help-guix/2024-01/msg00091.html Nils suggested to set the `PATH` environment variable, but 1) I have no clue how to do that =F0=9F=98=85 and 2) it is not exactly the behaviour I w= ould expect from a home service. Has anything been decided? Regards, --=20 Tanguy From unknown Sun Jun 22 07:40:42 2025 X-Loop: help-debbugs@gnu.org Subject: bug#65471: home mcron service overwrites PATH with a GuixSD-only directory References: <509099431.327298.1692786160360@office.mailbox.org> In-Reply-To: <509099431.327298.1692786160360@office.mailbox.org> Resent-From: Gary Johnson Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Wed, 28 Feb 2024 15:25:04 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 65471 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 65471@debbugs.gnu.org Received: via spool by 65471-submit@debbugs.gnu.org id=B65471.170913387626825 (code B ref 65471); Wed, 28 Feb 2024 15:25:04 +0000 Received: (at 65471) by debbugs.gnu.org; 28 Feb 2024 15:24:36 +0000 Received: from localhost ([127.0.0.1]:48535 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rfLnN-0006yR-VZ for submit@debbugs.gnu.org; Wed, 28 Feb 2024 10:24:35 -0500 Received: from layka.disroot.org ([178.21.23.139]:47102) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rfL8O-0004Xf-2n for 65471@debbugs.gnu.org; Wed, 28 Feb 2024 09:42:14 -0500 Received: from localhost (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id B28EC419D5 for <65471@debbugs.gnu.org>; Wed, 28 Feb 2024 15:41:43 +0100 (CET) X-Virus-Scanned: SPAM Filter at disroot.org Received: from layka.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QfLQ9DGRGaDw for <65471@debbugs.gnu.org>; Wed, 28 Feb 2024 15:41:42 +0100 (CET) Date: Wed, 28 Feb 2024 08:04:29 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1709131302; bh=UF5cdzJkkgvIkxgHECK63E8t+Hu8vkYR2Ginf9u+1x4=; h=Date:From:To:Subject; b=JKgE3Guq2SMAnkezGb9gw13QinPYX4lrhkkYwY4oKYefkXjN8TGVbz2c23q3AnCaq WJmT/Rh0cqoF8SUYAXkwbHrRIpOgYyPjCq6jxDUifsEdzc2qoq8MTVNLjX1pHfKTmX gjgNuOd9kPiklKi0gsxU15gOZsA6RJQdsvdbXkjnDuhK6fhpr2gxH9mJVWsHutx6ve wQNnvgmXIKNijginxXadlNueU10IHEzgdUlMn3jmeTb6n8II+PLkaJcaS2vP+tTXC3 3Aqzf9w40dXHXqA5Ve/4sDxUOp721tahuRcAYId0Q0pOfeESuFYsIjPAZ9m04GVId9 XxbGZCpVDdL7g== From: Gary Johnson Message-ID: <87r0gwps6b.fsf@disroot.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.0 (/) X-Mailman-Approved-At: Wed, 28 Feb 2024 10:24:27 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Guix, The bug in which home-mcron-service-type overwrites the user's PATH with a = single non-existent directory makes mcron completely unusable on foreign di= stros. Since it seems to me that foreign distros are the main target for ho= me mcron services (since there is no global shepherd to run mcron for you),= this really should be elevated to a high priority bug. I see that earlier in this message thread questions were raised as to what = the proper behavior should be for setting the PATH, but I think we can say = with no reservations that setting PATH to a directory that is guaranteed no= t to exist on a foreign distro is definitely not the correct choice. Also, = setting it explicitly to directories not managed by Guix profiles or Guix H= ome like /bin, /sbin, /usr/bin, /usr/sbin, /usr/local/bin, /usr/local/sbin,= and so on also isn't a great idea since users of the home-cron-service-typ= e are obviously using it through Guix Home. The correct choice IMHO is to f= ollow the principle of least surprise here. Namely, in the Guix info pages at "(guix)Top > Home Configuration > Home Se= rvices > Mcron Home Service", we have section "13.3.3 Scheduled User=E2=80= =99s Job Execution". Under home-mcron-configuration, we see the "jobs" fiel= d, which links us to "mcron job specifications(mcron)" for explanations of = how to define our mcron jobs. Following this link on to "(mcron)Top > Syntax > Guile Syntax", we encounte= r section "3.1.1 Job specification". The final paragraph in this section re= ads as follows: > The second argument to the 'job' function can be either a string, a list,= or a function. The command is executed in the home directory and with the = UID of USER. If a string is passed, it is assumed to be shell script and is= executed with the user's default shell. If a list is passed it is assumed = to be Scheme code and is _eval_'d as such. A supplied function should take = exactly zero arguments, and will be called at the pertinent times. Note the third sentence: "If a string is passed, it is assumed to be shell script and is executed wi= th the user's default shell." Reading that, I (and I imagine most mcron users) will infer that the enviro= nment my job command will run in will be the same as what I would get if I = spawned a new non-interactive shell. That is, the new mcron job shell shoul= d inherit all the environment variables that were defined when the user's s= heperd process was launched (which will be everything loaded into a standar= d login shell, such as /etc/profile, ~/.bash_profile, and everything that t= hey source like Guix Home's ~/.profile) plus a fresh run of ~/.bashrc (or t= he equivalent non-interactive shell config file for whatever shell the user= has chosen). It seems to me that this is what most people reading the manu= al are going to understand (and therefore expect) and that it is the most c= ompatible with Guix Home since all environment variables set in the `home-e= nvironment` will be available to our mcron jobs. However, with the current behavior, it appears that the shell spawned for t= he user mcron job actually reads /etc/profile and ~/.profile (but not ~/.ba= sh_profile or ~/.bashrc). The ~/.profile file sources ~/.guix-home/setup-en= vironment and then runs ~/.guix-home/on-first-login. While being very confu= sing and unintuitive (because my default shell is /bin/bash and is reported= correctly within the mcron job environment as "SHELL=3D/bin/bash"), this a= t least loads ~/.guix-home/profile/etc/profile and ~/.guix-profile/etc/prof= ile. However, since mcron then promptly erases the correctly built up PATH = from Guix Home and the user's main Guix profile, the commands executed in t= his PATH-less shell are borked. As others in this thread have previously noted, with the current behavior o= f providing an unintuitive and completely unusable PATH to user mcron jobs,= the home-mcron-service-type is largely unusable except for the simplest co= mmands in which you can use ungexp package directory expansion to build up = the locations of a Guix-installed executable. However, if any job command e= ver needs to shell out to any other executable, it will not be found, and t= he job will crash and burn. Please fix this, folks. And if you aren't willing to implement the intuitiv= e, documented, and Guix Home compatible shell behavior described above, ple= ase at the very least extend the "job" function with a keyword to allow us = to pass environment variables into the mcron job shell along with something= like the "(default-environment-variables)" function that is available for = shepherd service "start" functions. Thanks! Gary --=20 GPG Key ID: C4FBEDBD Use `gpg --search-keys tracker@disroot.org' to find me Protect yourself from surveillance: https://emailselfdefense.fsf.org =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments Why is HTML email a security nightmare? See https://useplaintext.email/ Please avoid sending me MS-Office attachments. See http://www.gnu.org/philosophy/no-word-attachments.html