From unknown Tue Jun 17 01:43:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#76282: Signal handling (like SIGINT) and guix shell --container: PID 1 Resent-From: ingar@onionmail.info Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Fri, 14 Feb 2025 09:59:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 76282 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 76282@debbugs.gnu.org X-Debbugs-Original-To: bug-guix@gnu.org Reply-To: ingar@onionmail.info Received: via spool by submit@debbugs.gnu.org id=B.17395270957029 (code B ref -1); Fri, 14 Feb 2025 09:59:01 +0000 Received: (at submit) by debbugs.gnu.org; 14 Feb 2025 09:58:15 +0000 Received: from localhost ([127.0.0.1]:47111 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tisSc-0001pG-0C for submit@debbugs.gnu.org; Fri, 14 Feb 2025 04:58:14 -0500 Received: from lists.gnu.org ([2001:470:142::17]:33598) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1tipvz-0002gN-6m for submit@debbugs.gnu.org; Fri, 14 Feb 2025 02:16:24 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tipvs-0001Cr-Cb for bug-guix@gnu.org; Fri, 14 Feb 2025 02:16:16 -0500 Received: from vps-016a7786.vps.ovh.net ([51.178.137.74] helo=onionmail.info) by eggs.gnu.org with esmtps (TLS1.2:RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tipvp-0002rf-OV for bug-guix@gnu.org; Fri, 14 Feb 2025 02:16:16 -0500 Date: Fri, 14 Feb 2025 07:30:09 GMT MIME-Version: 1.0 X-Notice: This is an OnionMail message. See http://onionmail.info and for details X-VMAT-Sign: XAuV0VjIAJsnue/hP1NLcpb7xTISCjo1bwohehJ9DQdXvYAMcQyemfky5k69ds16 K99TgorL8GB79MV6rCp1yTtQA894/saVkZIBcFuYsBo/3TvffO3M7aJa3spKvyCn oEM9vC7LPwoXCFkG3wcb71Z8e1MsSnuycRIR//ND3VtlpCEPpZ0aPZAlKS85WskW a5Q7vew07XKICmFfPgEDyEGbqV5c/akHutOtZgCYtkTZvnzu/AOFuBJI5HFNW3CJ wnTlJkt1o1QBkaLTTIWeUHFuF5VG0jBWrHT0+QrASX0Zzrzig4TTqQlSWZhYTa2f IIL6EZRwKryxUNmEUPW79Q== X-SSL-Transaction: YES Content-Transfer-Encoding: 7bit X-VMAT-Server: vzoc4aylgsqwexe6okjbz2ix5atgdv5xyibnkcekmtg4u23syz6a7rid.onion Message-ID: From: ingar@onionmail.info Content-Type: text/plain; charset=UTF-8 Received-SPF: pass client-ip=51.178.137.74; envelope-from=ingar@onionmail.info; helo=onionmail.info X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_SBL_A=0.1 autolearn=no autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.7 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: # Bug and reproducer There is a discrepancy between (expected) signal handling of programs when running them directly, vs. using `guix shell --container -- program`. An example program can be used to illustrate: ``` ; test.scm ; Test guix shell to catch ctrl-C signal Content analysis details: (1.7 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.1 URIBL_SBL_A Contains URL's A record listed in the Spamhaus SBL blocklist [URIs: ddanilov.me] 0.6 URIBL_SBL Contains an URL's NS IP listed in the Spamhaus SBL blocklist [URIs: ddanilov.me] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2001:470:142:0:0:0:0:17 listed in] [list.dnswl.org] 1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail) -0.0 SPF_HELO_PASS SPF: HELO matches SPF record X-Mailman-Approved-At: Fri, 14 Feb 2025 04:58:13 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.7 (/) # Bug and reproducer There is a discrepancy between (expected) signal handling of programs when running them directly, vs. using `guix shell --container -- program`. An example program can be used to illustrate: ``` ; test.scm ; Test guix shell to catch ctrl-C signal (while #t (display "In infinite loop...\n") (sleep 1)) ``` It uses guile, since bash does some extra funky signal-related things, which not every program does. My usecase is `typst watch`, a program which only exits on ctrl-C, else it loops. 1) Run as `guile test.scm` and use ctrl-C It terminates as expected. Same when using `guix shell --container guile` and then `guile test.scm` inside the container shell. 2) Run `guix shell --container guile -- guile test.scm` and use ctrl-C It doesn't terminate as expected. Only method is to get the PID and use SIGKILL (`kill -KILL `) # Reason (as far as I know): `guix shell --container -- program` starts the program with PID 1 in it's dedicated namespace. However, PID 1 is handled specially by the kernel when it comes to signal handlers. Only explicitly registered handlers are used and the default handlers are not executed for PID 1 (except SIGKILL & SIGSTOP). You can use `cat /proc//status | grep ^NStgid` to verify the PID seen by the process (rightmost number). # Sources: - https://lwn.net/Articles/532748/ ("Signals and the init process") - In docker: https://ddanilov.me/how-signals-are-handled-in-a-docker-container - Docker '--init' flag: https://docs.docker.com/reference/cli/docker/container/run/#init - bash doing funky things: https://colinxy.github.io/computer-science/2017/01/27/bash-handles-signals.html - Check namespace PID: https://unix.stackexchange.com/questions/625520/is-it-possible-to-check-the-process-id-of-child-in-different-pid-namespace # Possible fixes: - Document the behaviour (and nothing more?) This is the minimum, and I'll see if I can send a patch. This lengthy bugreport is due to undocumented & unexpected behaviour, leading down a rabbit hole ;) - Add an `--init` argument, like in docker? This adds some minimal init process to forward signals and reap processes... Not sure how minimal the shepherd is? - Do this by default, and add a --no-init argument? - ... # Workaround: Add "tini" or "catatonit" as a minimal PID 1 process. - guix shell --container guile tini -- tini guile test.scm - guix shell --container guile catatonit -- catatonit guile test.scm Best regards, Ingar From unknown Tue Jun 17 01:43:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#76282: Signal handling (like SIGINT) and guix shell --container: PID 1 Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sat, 31 May 2025 14:51:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 76282 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: ingar@onionmail.info Cc: 76282@debbugs.gnu.org Received: via spool by 76282-submit@debbugs.gnu.org id=B76282.1748703027615 (code B ref 76282); Sat, 31 May 2025 14:51:02 +0000 Received: (at 76282) by debbugs.gnu.org; 31 May 2025 14:50:27 +0000 Received: from localhost ([127.0.0.1]:58734 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uLNXW-00009r-P6 for submit@debbugs.gnu.org; Sat, 31 May 2025 10:50:27 -0400 Received: from mail-pj1-x102b.google.com ([2607:f8b0:4864:20::102b]:48400) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1uLNXU-00009H-IF for 76282@debbugs.gnu.org; Sat, 31 May 2025 10:50:25 -0400 Received: by mail-pj1-x102b.google.com with SMTP id 98e67ed59e1d1-3109f106867so3628851a91.1 for <76282@debbugs.gnu.org>; Sat, 31 May 2025 07:50:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1748703018; x=1749307818; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=NNeirF5PLB+cAA8TP2kgcowGnmxMZlse6TqMNRFVmAc=; b=i5/8ZxGoEodIaPukArNqXz+ADn+AYMDoniQUzOOIgPZyi02FdvKZOYvxpK8qHmUk/N 3spmmqXP4YI7e0BhHuhLCCBV79LCR3IO3477FCyjnQMYiMnnF5toq9xlseg19NzDdj/y esunhaQbAGQ4jFh+WzpaUC5x4K4ThLHG7Iz0CwBFDG/hKDukv4DZ7YG+mn9Do7dP8Bw5 /60LvGdI83Cgv0aTgYFDWAMk7Hi7EpKHB9O8ofCaXeOLPJ3ry84DXWbgun2f8ojz+yqH I3+3J85PBuBZcTGqU92+ZEll1sfdqGrEp/6J3ukIUHnM2b1F+D4mOXJ+Y0nq82JVNAaX l0Dg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748703018; x=1749307818; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=NNeirF5PLB+cAA8TP2kgcowGnmxMZlse6TqMNRFVmAc=; b=OldB1k5cp7jCmlDcAmutTJLyfWCnIwAAMIWY+rZSeHsufsZTsb3X9yBuZ5fkuO+13S kxODJ2PYMUgX09ElJazY63gYwu8nEZj5Gx+2U8zKzUpeJsSGeTVKtYBHgukAqRSDef51 Ueb2GdNkTs/gFwyM7jyTy6Y4aP6vqZ74fiW87GJqVZ6zXEiOGl8Fp+1jGFzIpf/3bVak I8xYyqOQRJED3bVZrTleF1XM2WxbqHvGgupRaOHHhkaOz2ra9yl+29yvg2MeDpdNUvDh dz7N3FVV9AdOSLELFDy6k7J+5HZYcpreoH3kQZi/gXvCrJYnbJIyM4RRxL/CogJvDJde z0qg== X-Gm-Message-State: AOJu0YxnN8tRYAQOqF252t9GlotrrA6xBWj8QcvnVqqa91aahp2QhJRn siPxfUMCIhioqxdXFO0J4UyFwt+88ViFRaReezLYqBy7lNU1sqKII+vtgL6POUvH X-Gm-Gg: ASbGncuz1ZZ5+qSQR46tyuS6hL3TqfOpQQhMp/Kw/8+VEO8BEIYUmP//qDi+1P03zf4 nRdfUE+OK69nWR8YAv8lfIZ4m7ozGf6iOBrKBU637OSVqEGkPO7aEGOtoMbJMpFgZ8s0hV6GfyS rjflxQOvkIqojopu32i+ZJmLN/TPkWIrSfZsRTHqP4xFN1gZP9E0Tcxum8kEPrO5G7XvkIsMuQ0 h5NUUAst0kqDkInGK4WIhzUf89oeMi00nH+NbPrgxPMQbQ3wQSD2fLHsAWKbeDK+Rdf34KwP8cm gZtue2qB1otwFuP/Ae9ByLNvjFTOkBxko7Di7m5i6uEfEIzJUQ== X-Google-Smtp-Source: AGHT+IFRIxONy7ZV7dZkPBlI0f3tAH4MLaTgT9D2wGxusf5dJDwcvCRjRlY1bZYjHx1oj7rSdA3oBA== X-Received: by 2002:a17:90b:2781:b0:311:d670:a0e2 with SMTP id 98e67ed59e1d1-312418661e1mr9504370a91.22.1748703017568; Sat, 31 May 2025 07:50:17 -0700 (PDT) Received: from terra ([2405:6586:be0:0:83c8:d31d:2cec:f542]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-b2eceb96fe8sm3001294a12.59.2025.05.31.07.50.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 31 May 2025 07:50:16 -0700 (PDT) From: Maxim Cournoyer In-Reply-To: (ingar@onionmail.info's message of "Fri, 14 Feb 2025 07:30:09 GMT") References: Date: Sat, 31 May 2025 23:50:13 +0900 Message-ID: <87sekkdeca.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi, ingar@onionmail.info writes: > # Bug and reproducer > There is a discrepancy between (expected) signal handling of programs when running them directly, > vs. using `guix shell --container -- program`. > > An example program can be used to illustrate: > ``` > ; test.scm > ; Test guix shell to catch ctrl-C signal > > (while #t > (display "In infinite loop...\n") > (sleep 1)) > ``` > > It uses guile, since bash does some extra funky signal-related things, which not every program does. > My usecase is `typst watch`, a program which only exits on ctrl-C, else it loops. > > 1) Run as `guile test.scm` and use ctrl-C > It terminates as expected. > Same when using `guix shell --container guile` and then `guile test.scm` inside the container shell. > 2) Run `guix shell --container guile -- guile test.scm` and use ctrl-C > It doesn't terminate as expected. Only method is to get the PID and use SIGKILL (`kill -KILL `) [...] Thank you for the detailed investigation! I just encountered this behavior attempting to build forgejo in a containerized environment, using the following manifest.scm file: ``` (specifications->manifest (list "coreutils" "findutils" "gcc-toolchain" "git-minimal" "go" "grep" "make" "node" "nss-certs" "sed")) ``` The problem curiously only occurs when '--' is used to launch the application; otherwise it works normally, e.g.: --8<---------------cut here---------------start------------->8--- $ guix shell -CNF -m manifest.scm [env]$ env GOPATH=/tmp TAGS="bindata timetzdata sqlite sqlite_unlock_notify" make build go: downloading go1.24.3 (linux/amd64) ^C [env]$ # aborted correctly --8<---------------cut here---------------end--------------->8--- Your analysis appears correct; the above 'make' runs with PID 3. --8<---------------cut here---------------start------------->8--- maxim@terra ~/src/forgejo$ guix shell -CNF -m manifest.scm -- env GOPATH=/tmp TAGS="bindata timetzdata sqlite sqlite_unlock_notify" make build go: downloading go1.24.3 (linux/amd64) ^Cgo: downloading go1.24.3 (linux/amd64) ^Cgo: downloading go1.24.3 (linux/amd64) ^Cgo: downloading go1.24.3 (linux/amd64) ^Cgo: downloading go1.24.3 (linux/amd64) ^CForgejo requires Go 1.24 or greater to build. You can get it at https://go.dev/dl/ make: *** [Makefile:297: go-check] Error 1 ^C^C^C^C^C^C^C^C^C # doesn't abort, need kill -9 $pid --8<---------------cut here---------------end--------------->8--- This doesn't handle signals as expected because it runs as PID 1. I agree this needs be documented or better, handled with --init ala docker. -- Thanks, Maxim From unknown Tue Jun 17 01:43:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#76282: Signal handling (like SIGINT) and guix shell --container: PID 1 Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sun, 01 Jun 2025 22:13:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 76282 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Maxim Cournoyer Cc: ingar@onionmail.info, 76282@debbugs.gnu.org Received: via spool by 76282-submit@debbugs.gnu.org id=B76282.174881596613291 (code B ref 76282); Sun, 01 Jun 2025 22:13:02 +0000 Received: (at 76282) by debbugs.gnu.org; 1 Jun 2025 22:12:46 +0000 Received: from localhost ([127.0.0.1]:42863 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uLqv6-0003SB-Uw for submit@debbugs.gnu.org; Sun, 01 Jun 2025 18:12:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36514) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uLqv4-0003Qr-2X for 76282@debbugs.gnu.org; Sun, 01 Jun 2025 18:12:42 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uLquy-0008MF-E0; Sun, 01 Jun 2025 18:12:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To: From; bh=gvY8kppVQdj2a3qPLtVuDqVXcUI/EBc3Rl5LrwmkHT4=; b=rT5hZAa5XgeQJBuR9i+R LFw9vH8q1BoNkczakviF66nSAcKW3d99rYI9qoJI3/GackHDh0zHMzdEjfdbn1xZz56FEwQFRQ14j TRn30knpTWpKj2qJRVlcHxax/xvdl0SGB2aTgsVvC1wDW454DJMGJ0hpl/Y8oQbgBYMiXLaOXM2WL QH8R8HMkt7m6UQTTY2cvBUv0OGQbW9YxVumXOrPd4GDKDwADb665JNFWo5GbVC1gjMPqj503WvZvG 5GlG3u/bqYz2rIIRMzrg+hJOe0SqlhExMXOzeGsvE/08n0dFnRu4Y7wvYkJitMCky09tiD6/wrrmX uEQyxag0tdIrag==; From: Ludovic =?UTF-8?Q?Court=C3=A8s?= In-Reply-To: <87sekkdeca.fsf@gmail.com> (Maxim Cournoyer's message of "Sat, 31 May 2025 23:50:13 +0900") References: <87sekkdeca.fsf@gmail.com> User-Agent: mu4e 1.12.11; emacs 29.4 X-URL: https://people.bordeaux.inria.fr/lcourtes/ X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu X-Revolutionary-Date: Tridi 13 Prairial an 233 de la =?UTF-8?Q?R=C3=A9volution,?= jour du Pois Date: Sun, 01 Jun 2025 23:34:20 +0200 Message-ID: <874iwz404j.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello, Maxim Cournoyer writes: > Your analysis appears correct; the above 'make' runs with PID 3. > > --8<---------------cut here---------------start------------->8--- > maxim@terra ~/src/forgejo$ guix shell -CNF -m manifest.scm -- env GOPATH= =3D/tmp TAGS=3D"bindata timetzdata sqlite sqlite_unlock_notify" make build > go: downloading go1.24.3 (linux/amd64) > ^Cgo: downloading go1.24.3 (linux/amd64) > ^Cgo: downloading go1.24.3 (linux/amd64) > ^Cgo: downloading go1.24.3 (linux/amd64) > ^Cgo: downloading go1.24.3 (linux/amd64) > ^CForgejo requires Go 1.24 or greater to build. You can get it at https:/= /go.dev/dl/ > make: *** [Makefile:297: go-check] Error 1 > ^C^C^C^C^C^C^C^C^C > # doesn't abort, need kill -9 $pid > --8<---------------cut here---------------end--------------->8--- > > This doesn't handle signals as expected because it runs as PID 1. I > agree this needs be documented or better, handled with --init ala > docker. I didn=E2=80=99t follow closely but how about this: --=-=-= Content-Type: text/x-patch Content-Disposition: inline diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm index 1c2d222c748..43cfffbd9cb 100644 --- a/guix/scripts/environment.scm +++ b/guix/scripts/environment.scm @@ -980,6 +980,11 @@ (define* (launch-environment/container #:key command bash user user-mappings ;; Call an additional setup procedure, if provided. (when setup-hook (setup-hook profile))) + + ;; Do not run the shell as PID 1 since that prevents proper signal + ;; handling (?). + #:child-is-pid1? #f + #:guest-uid uid #:guest-gid gid #:writable-root? writable-root? --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 DQpUaGFua3MsDQpMdWRv4oCZLg0K --=-=-=-- From unknown Tue Jun 17 01:43:40 2025 X-Loop: help-debbugs@gnu.org Subject: bug#76282: Signal handling (like SIGINT) and guix shell --container: PID 1 Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Mon, 02 Jun 2025 19:25:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 76282 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: ingar@onionmail.info, 76282@debbugs.gnu.org, Maxim Cournoyer Received: via spool by 76282-submit@debbugs.gnu.org id=B76282.174889226619414 (code B ref 76282); Mon, 02 Jun 2025 19:25:02 +0000 Received: (at 76282) by debbugs.gnu.org; 2 Jun 2025 19:24:26 +0000 Received: from localhost ([127.0.0.1]:55149 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uMAll-000533-K4 for submit@debbugs.gnu.org; Mon, 02 Jun 2025 15:24:26 -0400 Received: from wolfsden.cz ([37.205.8.62]:35122) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1uMAlh-00052X-Kk for 76282@debbugs.gnu.org; Mon, 02 Jun 2025 15:24:23 -0400 Received: by wolfsden.cz (Postfix, from userid 104) id EF39436864F; Mon, 2 Jun 2025 19:24:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1748892258; bh=QP48aYgbIvMMzsqs59W2lNxtFZAWK1NwbmxsviAoBi0=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=IK3Z5VTaSGbgeis/P4Bo5qbMpdP7rkxwmKyH2dK2IVdMQylsFnWK3eCOQ2qa/JQQ8 r/w7ORtVBu1rKGlVVoNRBpiOgL3Yq2GHFGu4PQb/m3b47e3/ULxULwKFHcJ7ncbf5T MzlCS8LgsTQSOqFWu6Fqx30mCBcGsGMrK8WrhCbqDrbKazGuYPeyxD6TndZjFF6O+F iCpX6XyTZ3mC1JR+uHs89CgUD9UzMB+ef4zHIChJwrZJFTB0DMNzwVDk4fOypP5+H1 XQIvYR4nbI4T4nbR9Qt9dBbzlZRgvmvsm+tDNfyHvqOtBw8Ovd3Zwyr7147qI9rvaB 14xc9Fo0kEWz0FfmjAW+F9yAWovCFWxNmj6Ns4YFon3JkW/4tJNTgNM9zdVNo0+PFf MfrMxeNPvLXpy2/l3LC1286PdPcQS9FMbul2+J/cQXPiH5sHIRMpBVbTBPqoaeD46R bQzeXv5hLXDbMbHevzMTDYiXBlGJZEAZ13JkPO4M1k5Vgp0yj4oJEuoP7WkMuSildU TwIJNS6GST6p3ljOaSokSRs1AHM82njyDOEbAY5HhRbLceVXYzaTdAY5okwWPm8MgQ JI9bv3iwgddwSpw3Bpgpmp6Ersq+buFyVv4d49vzGmCkH2NRMQMHcIEcG2uM+DRKL+ 2AutRp70egxRRkdFLbxc1OCk= X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from localhost (unknown [128.0.188.242]) by wolfsden.cz (Postfix) with ESMTPSA id 2428C366D60; Mon, 2 Jun 2025 19:24:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1748892258; bh=QP48aYgbIvMMzsqs59W2lNxtFZAWK1NwbmxsviAoBi0=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=IK3Z5VTaSGbgeis/P4Bo5qbMpdP7rkxwmKyH2dK2IVdMQylsFnWK3eCOQ2qa/JQQ8 r/w7ORtVBu1rKGlVVoNRBpiOgL3Yq2GHFGu4PQb/m3b47e3/ULxULwKFHcJ7ncbf5T MzlCS8LgsTQSOqFWu6Fqx30mCBcGsGMrK8WrhCbqDrbKazGuYPeyxD6TndZjFF6O+F iCpX6XyTZ3mC1JR+uHs89CgUD9UzMB+ef4zHIChJwrZJFTB0DMNzwVDk4fOypP5+H1 XQIvYR4nbI4T4nbR9Qt9dBbzlZRgvmvsm+tDNfyHvqOtBw8Ovd3Zwyr7147qI9rvaB 14xc9Fo0kEWz0FfmjAW+F9yAWovCFWxNmj6Ns4YFon3JkW/4tJNTgNM9zdVNo0+PFf MfrMxeNPvLXpy2/l3LC1286PdPcQS9FMbul2+J/cQXPiH5sHIRMpBVbTBPqoaeD46R bQzeXv5hLXDbMbHevzMTDYiXBlGJZEAZ13JkPO4M1k5Vgp0yj4oJEuoP7WkMuSildU TwIJNS6GST6p3ljOaSokSRs1AHM82njyDOEbAY5HhRbLceVXYzaTdAY5okwWPm8MgQ JI9bv3iwgddwSpw3Bpgpmp6Ersq+buFyVv4d49vzGmCkH2NRMQMHcIEcG2uM+DRKL+ 2AutRp70egxRRkdFLbxc1OCk= From: Tomas Volf <~@wolfsden.cz> In-Reply-To: <874iwz404j.fsf@gnu.org> ("Ludovic =?UTF-8?Q?Court=C3=A8s?="'s message of "Sun, 01 Jun 2025 23:34:20 +0200") References: <87sekkdeca.fsf@gmail.com> <874iwz404j.fsf@gnu.org> Date: Mon, 02 Jun 2025 21:24:17 +0200 Message-ID: <87msaq54m6.fsf@wolfsden.cz> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Ludovic Court=C3=A8s writes: > I didn=E2=80=99t follow closely but how about this: > > diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm > index 1c2d222c748..43cfffbd9cb 100644 > --- a/guix/scripts/environment.scm > +++ b/guix/scripts/environment.scm > @@ -980,6 +980,11 @@ (define* (launch-environment/container #:key command= bash user user-mappings > ;; Call an additional setup procedure, if provided. > (when setup-hook > (setup-hook profile))) > + > + ;; Do not run the shell as PID 1 since that prevents proper si= gnal > + ;; handling (?). > + #:child-is-pid1? #f > + > #:guest-uid uid > #:guest-gid gid > #:writable-root? writable-root? Seems to fix the issue for me, nice. Reviewed-by: Tomas Volf <~@wolfsden.cz> Tomas --=20 There are only two hard things in Computer Science: cache invalidation, naming things and off-by-one errors.