GNU bug report logs - #78497
[PATCH] environment: Provide a writable /run/user/$UID.

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Mon, 19 May 2025 19:32:01 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

To reply to this bug, email your comments to 78497 AT debbugs.gnu.org.
There is no need to reopen the bug first.


Report forwarded to guix <at> cbaines.net, dev <at> jpoiret.xyz, ludo <at> gnu.org, othacehe <at> gnu.org, zimon.toutoune <at> gmail.com, me <at> tobias.gr, guix-patches <at> gnu.org:
bug#78497; Package guix-patches. (Mon, 19 May 2025 19:32:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Ludovic Courtès <ludo <at> gnu.org>:
New bug report received and forwarded. Copy sent to guix <at> cbaines.net, dev <at> jpoiret.xyz, ludo <at> gnu.org, othacehe <at> gnu.org, zimon.toutoune <at> gmail.com, me <at> tobias.gr, guix-patches <at> gnu.org. (Mon, 19 May 2025 19:32:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: guix-patches <at> gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>,
 Tomas Volf <~@wolfsden.cz>
Subject: [PATCH] environment: Provide a writable /run/user/$UID.
Date: Mon, 19 May 2025 21:30:53 +0200
* guix/scripts/environment.scm (launch-environment/container): Add
/run/user/UID to ‘file-systems’.
* tests/guix-environment-container.sh: Test it.

Change-Id: I44c70a7554a06f40d073c25929ea7c6ded356d08
---
 guix/scripts/environment.scm        | 5 +++++
 tests/guix-environment-container.sh | 3 +++
 2 files changed, 8 insertions(+)

Hello Guix!

This may sound like a recurring joke but hey! when running shepherd
in ‘guix shell -C’, I figured that a writable /run/user/$UID would
be welcome too.

Thoughts?

Ludo’.

diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm
index 96bbc6c9fa..1c2d222c74 100644
--- a/guix/scripts/environment.scm
+++ b/guix/scripts/environment.scm
@@ -875,6 +875,11 @@ (define* (launch-environment/container #:key command bash user user-mappings
                    reqs)))
             (file-systems (append %container-file-systems
                                   (list tmpfs        ; RW /tmp
+                                        (file-system ; RW /run
+                                          (inherit tmpfs)
+                                          (mount-point
+                                           (string-append "/run/user/"
+                                                          (number->string uid))))
                                         (file-system ; RW ~
                                           (device "none")
                                           (mount-point
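Review bot: The trailing comment on the added `file-system` entry says `; RW /run`, but the mount point built two lines below it is `/run/user/` plus the UID, so only that one directory becomes writable and the rest of /run is unchanged. Suggest `; RW /run/user/UID` so the comment matches the commit log entry and nobody reads it as a writable /run.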
diff --git a/tests/guix-environment-container.sh b/tests/guix-environment-container.sh
index e1c3655846..220e6b8ec8 100644
--- a/tests/guix-environment-container.sh
+++ b/tests/guix-environment-container.sh
@@ -203,6 +203,9 @@ guix environment --bootstrap --container --ad-hoc guile-bootstrap \
 guix environment --bootstrap --container --ad-hoc guile-bootstrap \
      -- guile -c '(mkdir (string-append (getenv "HOME") "/foo"))'
 
+# And /run too!
+guix environment --bootstrap --container --ad-hoc guile-bootstrap \
+     -- guile -c '(mkdir "/run/user/1000/shepherd")'
 
 # Check the exit code.
 
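Review bot: The added test hard-codes `/run/user/1000`, while the code under test builds the mount point from `(number->string uid)`, so the test only holds when the UID inside the container is 1000. Compute the path inside the guile snippet instead, for example `(mkdir (string-append "/run/user/" (number->string (getuid)) "/shepherd"))`, so the check follows whatever UID the container uses. The comment `# And /run too!` has the same imprecision: what is exercised is /run/user/UID, not /run.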

base-commit: 11e88de06043d367d02ceceade84733a65f84e27
-- 
2.49.0





Information forwarded to guix-patches <at> gnu.org:
bug#78497; Package guix-patches. (Mon, 19 May 2025 23:31:02 GMT) Full text and rfc822 format available.

Message #8 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Tomas Volf <~@wolfsden.cz>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: guix-patches <at> gnu.org
Subject: Re: [PATCH] environment: Provide a writable /run/user/$UID.
Date: Tue, 20 May 2025 01:29:47 +0200
Ludovic Courtès <ludo <at> gnu.org> writes:

> * guix/scripts/environment.scm (launch-environment/container): Add
> /run/user/UID to ‘file-systems’.
> * tests/guix-environment-container.sh: Test it.
>
> Change-Id: I44c70a7554a06f40d073c25929ea7c6ded356d08
> ---
>  guix/scripts/environment.scm        | 5 +++++
>  tests/guix-environment-container.sh | 3 +++
>  2 files changed, 8 insertions(+)
>
> Hello Guix!
>
> This may sound like a recurring joke but hey! when running shepherd
> in ‘guix shell -C’, I figured that a writable /run/user/$UID would
> be welcome too.
>
> Thoughts?

I just wonder how many more we will need :)  Cannot really think of any,
so hopefully this is it?

>
> Ludo’.
>
> diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm
> index 96bbc6c9fa..1c2d222c74 100644
> --- a/guix/scripts/environment.scm
> +++ b/guix/scripts/environment.scm
> @@ -875,6 +875,11 @@ (define* (launch-environment/container #:key command bash user user-mappings
>                     reqs)))
>              (file-systems (append %container-file-systems
>                                    (list tmpfs        ; RW /tmp
> +                                        (file-system ; RW /run
> +                                          (inherit tmpfs)
> +                                          (mount-point
> +                                           (string-append "/run/user/"
> +                                                          (number->string uid))))

For normal users this is fine, but for root the whole /run should be
writable, the way it is on a normal system.  Thoughts?

>                                          (file-system ; RW ~
>                                            (device "none")
>                                            (mount-point
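Review bot: `(inherit tmpfs)` in the added entry reuses the record that backs /tmp, so the new /run/user/UID mount takes every field of that record except `mount-point`, including whatever mount options or flags it sets. The `tmpfs` definition is outside this hunk, so it is worth confirming that those settings suit a per-user runtime directory, which is conventionally private to its owner (mode 0700), rather than a shared scratch area like /tmp; if they do not, give this entry its own options instead of inheriting them.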
> diff --git a/tests/guix-environment-container.sh b/tests/guix-environment-container.sh
> index e1c3655846..220e6b8ec8 100644
> --- a/tests/guix-environment-container.sh
> +++ b/tests/guix-environment-container.sh
> @@ -203,6 +203,9 @@ guix environment --bootstrap --container --ad-hoc guile-bootstrap \
>  guix environment --bootstrap --container --ad-hoc guile-bootstrap \
>       -- guile -c '(mkdir (string-append (getenv "HOME") "/foo"))'
>
> +# And /run too!
> +guix environment --bootstrap --container --ad-hoc guile-bootstrap \
> +     -- guile -c '(mkdir "/run/user/1000/shepherd")'
>
>  # Check the exit code.
>
>
> base-commit: 11e88de06043d367d02ceceade84733a65f84e27

Did not test, but looks good (and since it has the test, we know it
works).  Just left a comment for consideration.

Reviewed-by: Tomas Volf <~@wolfsden.cz>

-- 
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.

Information forwarded to guix-patches <at> gnu.org:
bug#78497; Package guix-patches. (Tue, 20 May 2025 08:30:02 GMT) Full text and rfc822 format available.

Message #11 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: guix-patches <at> gnu.org
Subject: Re: [PATCH] environment: Provide a writable /run/user/$UID.
Date: Tue, 20 May 2025 09:20:02 +0200
Hi,

Tomas Volf <~@wolfsden.cz> writes:

> I just wonder how many more we will need :)  Cannot really think of any,
> so hopefully this is it?

Hopefully!

>> +                                           (string-append "/run/user/"
>> +                                                          (number->string uid))))
>
> For normal users this is fine, but for root the whole /run should be
> writable, the way it is on a normal system.  Thoughts?

For root, the whole root file system should be writable.

So I wonder if it makes sense to special-case the above to be “/run”
when UID is zero; WDYT?

Thanks,
Ludo’.




Information forwarded to guix-patches <at> gnu.org:
bug#78497; Package guix-patches. (Tue, 20 May 2025 16:56:02 GMT) Full text and rfc822 format available.

Message #14 received at 78497 <at> debbugs.gnu.org (full text, mbox):

From: Tomas Volf <~@wolfsden.cz>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 78497 <at> debbugs.gnu.org
Subject: Re: [bug#78497] [PATCH] environment: Provide a writable
 /run/user/$UID.
Date: Tue, 20 May 2025 18:55:31 +0200
Ludovic Courtès <ludo <at> gnu.org> writes:

>> For normal users this is fine, but for root the whole /run should be
>> writable, the way it is on a normal system.  Thoughts?
>
> For root, the whole root file system should be writable.

Well... That would be one way to solve this.  Default to --writable-root
if UID is zero.

> So I wonder if it makes sense to special-case the above to be “/run”
> when UID is zero; WDYT?

I was thinking about programs that are expected to be run as root and
have a hard-coded PID file, lock file or something else under /run.  But I
have no example to put forward.  So maybe your version is enough, and we
can revisit this in another pass later if the need realizes?

I do not really have a strong opinion either way here, just wanted to
raise the point for consideration.  Feel free to proceed with the
original version. ^_^

Tomas

-- 
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.

Reply sent to Ludovic Courtès <ludo <at> gnu.org>:
You have taken responsibility. (Sat, 24 May 2025 13:41:03 GMT) Full text and rfc822 format available.

Notification sent to Ludovic Courtès <ludo <at> gnu.org>:
bug acknowledged by developer. (Sat, 24 May 2025 13:41:03 GMT) Full text and rfc822 format available.

Message #19 received at 78497-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Tomas Volf <~@wolfsden.cz>
Cc: 78497-done <at> debbugs.gnu.org
Subject: Re: [bug#78497] [PATCH] environment: Provide a writable
 /run/user/$UID.
Date: Sat, 24 May 2025 15:39:43 +0200
Tomas Volf <~@wolfsden.cz> writes:

> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>>> For normal users this is fine, but for root the whole /run should be
>>> writable, the way it is on a normal system.  Thoughts?
>>
>> For root, the whole root file system should be writable.
>
> Well... That would be one way to solve this.  Default to --writable-root
> if UID is zero.
>
>> So I wonder if it makes sense to special-case the above to be “/run”
>> when UID is zero; WDYT?
>
> I was thinking about programs that are expected to be run as root and
> have a hard-coded PID file, lock file or something else under /run.  But I
> have no example to put forward.  So maybe your version is enough, and we
> can revisit this in another pass later if the need realizes?

Yeah, probably.  Pushed as f8527e7f2044ec7bb19efcb25158ec7aa0fe5fa3.

Let’s see if we need something else now.  :-)  I’m less concerned about
guest UID zero, because that’s probably an uncommon use case.

Thanks!

Ludo’.




This bug report was last modified 22 days ago.
