From unknown Sat Aug 16 16:57:06 2025 X-Loop: help-debbugs@gnu.org Subject: bug#78318: Replacement variables in guix-daemon.service Resent-From: Ido Yariv Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Thu, 08 May 2025 12:56:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 78318 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 78318@debbugs.gnu.org X-Debbugs-Original-To: bug-guix@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.17467089247098 (code B ref -1); Thu, 08 May 2025 12:56:02 +0000 Received: (at submit) by debbugs.gnu.org; 8 May 2025 12:55:24 +0000 Received: from localhost ([127.0.0.1]:55580 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uD0mZ-0001qN-LL for submit@debbugs.gnu.org; Thu, 08 May 2025 08:55:24 -0400 Received: from lists.gnu.org ([2001:470:142::17]:47424) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uD0mW-0001q3-HE for submit@debbugs.gnu.org; Thu, 08 May 2025 08:55:20 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uD0mQ-00023l-DU for bug-guix@gnu.org; Thu, 08 May 2025 08:55:14 -0400 Received: from mail-ej1-x629.google.com ([2a00:1450:4864:20::629]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1uD0mO-0006jz-G0 for bug-guix@gnu.org; Thu, 08 May 2025 08:55:14 -0400 Received: by mail-ej1-x629.google.com with SMTP id a640c23a62f3a-ac2ab99e16eso195941166b.0 for ; Thu, 08 May 2025 05:55:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1746708910; x=1747313710; darn=gnu.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=xLXrplFc5CVXMdZwpC1BmBJgB2fqa6sDwRX3CqWT27w=; b=KuSa8oeraCqUi/fg4Xg54CCr3lIHQlwNR4WRzSEp4/DjDhINi31NIDu2MU36UgfhUq 5/3hs60BWZLL/5ughRIjoy86wacbXJ9ADrJaRWXBmo7Vvfwh4VT9D/b/p4OSmd32fegG 322Hypozvn670EiWdlRoBxpgYwaCgJMMGl6lI3uR1nA+bF73lp6zltzmnbENGOhZGxI/ sHiAINDfdhWi2eK3iIIiMruAWX0xpDIMrXVXJBEL/DNMIa6SwfeOwnioi8jLGckPGxlq /ehqmcnigRXJ3O3K3AMr5gSuinnwJKODOG4ZrRNSaqtRaa6UquU76R87I3X2RQ7UrhRK ENyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1746708910; x=1747313710; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=xLXrplFc5CVXMdZwpC1BmBJgB2fqa6sDwRX3CqWT27w=; b=I30TW0LWJVuHFcwCZ8XGK+VuclxRvug8Kd5V6cibNbOK2X5TRVkQ7AWz2XFE+mHaEO ml9zoGehmE8l4AK25l85+9ob9tr/7LW3JsE2KZoZYbwH2gz5z35Qhcf3C/Ze5pS7g/KF fnubtBHqgqXwCNBcSVdBgvMEX7bwKKc9Bk1Vl8MrumzY27iKW12bPZ3EWnwuzT4/Xwkt Ef5Bfn6bpOq8ENE1ucRt+WzA24zqA2m7GsCwsJ5icbth2boH7r890+W6u1Yy8QQqDThH 7V5RdHYCk9uAb2NgP3SSKXFecscaiH6NBi2s/hKPXZgpF1rNtzkHyKmJGjKK0Fm3QD+i OZgA== X-Gm-Message-State: AOJu0YwD52c2FwJm1m9BsvfRNVLtP20aIQy13/XCksEXkVObdNweJVl3 h+dY3X94FJ5GuissIFTbCkSNNwncWBH9y84FoNe/1oAeo+w6DnvGMMEA7Th1W32ND/Bxs4uVDJ7 4XXCiBryYUj91hvIiqjiaUkw2E9oLbuetUYk= X-Gm-Gg: ASbGncvym6AImyfWViQqvNAODrGJizKP/AuAhvRYETUyiN0W1mTGRzedAKneeH98VVY XXb+hH3gHpd7KL68s5izp9mNYM6SDo4rcvHBvhekiIqICtRLfbEXdYsBX3w/xgPyzPuAs5UL39s bDyHLigO71lbblbvxUwNoJZE1vtmfUzH/RSSwpeoMWQFFyUuhCwVOLQ7dLV98+XfXfhXw= X-Google-Smtp-Source: AGHT+IEIQUOwQJJ8pyHEzBLYb3FzN+j1aCQw6RaNwwu+n3EzYD+X1B81TjjMC4t31nrGGXfsjhUx/vps5P7KIr7iOuE= X-Received: by 2002:a17:907:940f:b0:ace:6bfb:372a with SMTP id a640c23a62f3a-ad1fe935ac4mr353636566b.54.1746708910144; Thu, 08 May 2025 05:55:10 -0700 (PDT) MIME-Version: 1.0 From: Ido Yariv Date: Thu, 8 May 2025 08:54:58 -0400 X-Gm-Features: ATxdqUG113GPCQdYUIDTLr9tObekxT9UUdYO1DHSjTbHmBRsfdDfsv8VJ10lL5E Message-ID: Content-Type: multipart/alternative; boundary="0000000000001d82e606349f5cec" Received-SPF: pass client-ip=2a00:1450:4864:20::629; envelope-from=yarivido@gmail.com; helo=mail-ej1-x629.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) --0000000000001d82e606349f5cec Content-Type: text/plain; charset="UTF-8" Hi, It appears guix-daemon.service leaks some replacement variables defined in guix-daemon.service.in, e.g.: --8<---------------cut here---------------start------------->8--- Environment='GUIX_STATE_DIRECTORY=/var/guix' 'GUIX_LOCPATH=@localstatedir@/guix/profiles/per-user/root/guix-profile/lib/locale' LC_ALL=en_US.utf8 # Run under a dedicated unprivileged user account. User=guix-daemon # Bind-mount the store read-write in a private namespace, to counter the # effect of 'gnu-store.mount'. PrivateMounts=true BindPaths=@storedir@ --8<---------------cut here---------------end--------------->8--- >From what I can tell, it looks like the replacement is done by nix/local.mk (as opposed to self.scm), and the sed script there doesn't include all variables, nor is it replacing matched patterns globally. Thanks, Ido. --0000000000001d82e606349f5cec Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,

It appears guix-daemon.service leaks some repla= cement variables defined in
gu= ix-daemon.service.in, e.g.:
--8<---------------cut here----------= -----start------------->8---
Environment=3D'GUIX_STATE_DIRECTORY= =3D/var/guix' 'GUIX_LOCPATH=3D@localstatedir@/guix/profiles/per-use= r/root/guix-profile/lib/locale' LC_ALL=3Den_US.utf8

# Run under = a dedicated unprivileged user account.
User=3Dguix-daemon

# Bind-= mount the store read-write in a private namespace, to counter the
# effe= ct of 'gnu-store.mount'.
PrivateMounts=3Dtrue
BindPaths=3D@st= oredir@
--8<---------------cut here---------------end---------------&= gt;8---

From what I can tell, it looks like the replacement is done = by nix/local.mk (as
opposed to self.scm)= , and the sed script there doesn't include all variables,
nor is it = replacing matched patterns globally.

Thanks,
Ido.

--0000000000001d82e606349f5cec-- From debbugs-submit-bounces@debbugs.gnu.org Sat May 10 14:38:34 2025 Received: (at control) by debbugs.gnu.org; 10 May 2025 18:38:34 +0000 Received: from localhost ([127.0.0.1]:50293 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1uDp5l-0004II-Fk for submit@debbugs.gnu.org; Sat, 10 May 2025 14:38:34 -0400 Received: from fout-b7-smtp.messagingengine.com ([202.12.124.150]:40035) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1uDp5i-0004Hi-3S for control@debbugs.gnu.org; Sat, 10 May 2025 14:38:30 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfout.stl.internal (Postfix) with ESMTP id 762D211400C6; Sat, 10 May 2025 14:38:24 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Sat, 10 May 2025 14:38:24 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=cc:content-type:content-type:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:subject:to:to; s=mesmtp; t= 1746902304; x=1746988704; bh=c9sm9rGAyebHJnLEJ3Z/F+W4PmcsANU29Cp l6goV/Hw=; b=YaFf0ks32SV7vNYjit9kO3SfdYQ+dgMc6Lwho+OAfNgZ+ApOKP+ ft+g3ksUcZL67HII4Jqo/y2NbJVXWm23lSLtkG3Wne3f34iAMoc5JevFw6BNTt+G ViouEfhKjgXytmyk+ZnBl0Y5MXbmbEkUfJJFbrUN/zhvojJkb6BhVR0c= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1746902304; x=1746988704; bh=c 9sm9rGAyebHJnLEJ3Z/F+W4PmcsANU29Cpl6goV/Hw=; b=WPxvX/M46Tz+s9qaT HOTrFM9nADcY5w776WTvrZVyoMd7saugxes0CmMFq9JP+rTPcOZhZx9r9Kns6X3O gSa+StNSRhxmr+QgTylbmsAPtxbKCuLa+KDhBYPrTYakvYHqtBn0G5LkNNRKtd8l WDimytdywBGKs0IRqXJDQW+SW4k0H2foiSya9JnBWzn1FT3G9ziCYNdouJaSpdUL xADSbdc/thhIkuGWdCiQ2Rzy4Q3zc8Db8wcROQaqoUjg2oKm/zutS+UOueST7aOh Yk06uK3uIf8gG5DOj7xh574X/P1rvTTJFdEbxRMaR020XDuYNw/WoULH/Cff67tz Q0jbg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvleeivdegucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucfgmhhpthihuchsuh gsjhgvtghtucdluddtmdenucfjughrpeffhffvkfggtggusehttdertddttddvnecuhfhr ohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqe enucggtffrrghtthgvrhhnpefhjeeigfefvedvfeetheegledtkeevuddtgedtudeiteeh teegvdefffduffefffenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih hlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgvpdhnsggprhgtphhtthhopedu pdhmohguvgepshhmthhpohhuthdprhgtphhtthhopegtohhnthhrohhlseguvggssghugh hsrdhgnhhurdhorhhg X-ME-Proxy: Feedback-ID: i819c4023:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Sat, 10 May 2025 14:38:24 -0400 (EDT) Date: Sat, 10 May 2025 14:38:22 -0400 From: Leo Famulari To: control@debbugs.gnu.org Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: merge 78318 78254 78275 Content analysis details: (1.3 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [202.12.124.150 listed in sa-accredit.habeas.com] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [202.12.124.150 listed in list.dnswl.org] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [202.12.124.150 listed in bl.score.senderscore.com] 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.3 (/) merge 78318 78254 78275