GNU bug report logs - #30256
[PATCH 3/3] scripts: environment: Add --no-cwd.

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: guix-patches; Reported by: Mike Gerwitz <mtg@HIDDEN>; Keywords: patch; merged with #30254; dated Fri, 26 Jan 2018 03:31:03 UTC; Maintainer for guix-patches is guix-patches@HIDDEN.
Merged 30254 30256. Request was from ludo@HIDDEN (Ludovic Courtès) to control <at> debbugs.gnu.org. Full text available.

Message received at 30256 <at> debbugs.gnu.org:


From: ludo@HIDDEN (Ludovic Courtès)
To: Mike Gerwitz <mtg@HIDDEN>
Subject: Re: [bug#30256] [PATCH 3/3] scripts: environment: Add --no-cwd.
Date: Sat, 03 Mar 2018 15:44:43 +0100

Hi Mike,

Mike Gerwitz <mtg@HIDDEN> wrote:

> Sorry I've been silent on the script you provided to me---between my GNU
> volunteer work and preparing for my LP2018 talk, I've had no free time,
> so I haven't even looked at it yet.  After the conference I'll have the
> time to collaborate a bit more.

Sure, understood!

> Also---I thought the decision was that this patchset was inappropriate
> for `guix environment`; did I misinterpret?

My initial reaction was that we shouldn’t stretch ‘guix environment’ to
do something that’s unrelated to environment management.

However as I looked at your patches, I found that the additions you made
are useful per se (for instance I’ve been wanting ‘--link-profile’ on a
couple of occasions for reasons like the one you gave, Fontconfig,
etc.).  And the patches had tests, documentation, and everything, so it
seemed more beneficial to include them.  :-)

> I admit that I forgot some of the implementation details of my own
> patch; I'd have to look at it in more detail.  I'll consider it tonight
> or this weekend.

OK!

> Thanks for taking a look at and applying these.  If there are better
> solutions, I'm fine with that---I just wanted a proof-of-concept to
> start the discussion.  Though, starting the discussion and then ducking
> out for other obligations wasn't quite what I had in mind...

Sure.  I think the issue of least-authority execution of programs
remains open anyway.  Do we want a ‘guix run’-like command?  Something in
the shell, but which shell(s) then?  Automatically-generated wrappers so
we don’t depend on specific shells?

Thanks,
Ludo’.




Information forwarded to guix-patches@HIDDEN:
bug#30256; Package guix-patches. Full text available.

Message received at 30256 <at> debbugs.gnu.org:


From: Mike Gerwitz <mtg@HIDDEN>
To: ludo@HIDDEN (Ludovic Courtès)
Subject: Re: [bug#30256] [PATCH 3/3] scripts: environment: Add --no-cwd.
Date: Fri, 02 Mar 2018 13:00:36 -0500

Hey, Ludo!

Sorry I've been silent on the script you provided to me---between my GNU
volunteer work and preparing for my LP2018 talk, I've had no free time,
so I haven't even looked at it yet.  After the conference I'll have the
time to collaborate a bit more.

Also---I thought the decision was that this patchset was inappropriate
for `guix environment`; did I misinterpret?

On Fri, Mar 02, 2018 at 11:54:30 +0100, Ludovic Courtès wrote:
>> --- a/tests/guix-environment.sh
>> +++ b/tests/guix-environment.sh
>> @@ -84,6 +84,14 @@ HOME=3D"$tmpdir" guix environment --bootstrap --conta=
iner --user=3Dfoognu \
>>       --share=3D"$tmpdir/umock" \
>>       -- guile -c "$usertest"
>>=20=20
>> +# if not sharing CWD, chdir home
>> +(
>> +  cd "$tmpdir" \
>> +    && guix environment --bootstrap --container --no-cwd --user=3Dfoo  \
>> +            --ad-hoc guile-bootstrap --pure \
>> +            -- /bin/sh -c 'test $(pwd) =3D=3D "/home/foo" -a ! -d '"$tm=
pdir"
>> +)
>> +
>
> This test would fail for me because my test store is at
> ~ludo/src/guix/test-tmp/store and my CWD is ~/src/guix.  So when using
> both --user and --no-cwd, the effect is that
> ~ludo/src/guix/test-tmp/store is not available at all within the
> container, and thus execve("/bin/sh") fails with ENOENT:
>
> $ ./test-env guix environment --bootstrap --container --no-cwd --user=foo --ad-hoc guile-bootstrap
> accepted connection from pid 29684, user ludo
> accepted connection from pid 29695, user ludo
> ./test-env: line 1: 29683 Terminated              "/home/ludo/src/guix/pre-inst-env" "/home/ludo/src/guix/guix-daemon" --disable-chroot --substitute-urls="$GUIX_BINARY_SUBSTITUTE_URL"
> $ echo $?
> 1
>
> Thoughts?

I admit that I forgot some of the implementation details of my own
patch; I'd have to look at it in more detail.  I'll consider it tonight
or this weekend.

Thanks for taking a look at and applying these.  If there are better
solutions, I'm fine with that---I just wanted a proof-of-concept to
start the discussion.  Though, starting the discussion and then ducking
out for other obligations wasn't quite what I had in mind...

-- 
Mike Gerwitz
Free Software Hacker+Activist | GNU Maintainer & Volunteer
GPG: D6E9 B930 028A 6C38 F43B  2388 FEF6 3574 5E6F 6D05
https://mikegerwitz.com





Information forwarded to guix-patches@HIDDEN:
bug#30256; Package guix-patches. Full text available.

Message received at 30256 <at> debbugs.gnu.org:


From: ludo@HIDDEN (Ludovic Courtès)
To: Mike Gerwitz <mtg@HIDDEN>
Subject: Re: [bug#30256] [PATCH 3/3] scripts: environment: Add --no-cwd.
Date: Fri, 02 Mar 2018 11:54:30 +0100

Mike Gerwitz <mtg@HIDDEN> wrote:

> * doc/guix.texi (Invoking guix environment): Add --no-cwd.
> * guix/scripts/environment.scm (show-help, %options): Add --no-cwd.
> (launch-environment/container): Add 'map-cwd?' param; only add mapping for cwd
> if #t.  Only change to cwd within container if #t, otherwise home.
> (guix-environment): Error if --no-cwd without --container.  Provide '(not
> no-cwd?)' to launch-environment/container as 'map-cwd?'.
> * tests/guix-environment.sh: Add test for no-cwd.

This one LGTM as well (with the test moved to
guix-environment-container.sh).  There’s just a minor issue:

> --- a/tests/guix-environment.sh
> +++ b/tests/guix-environment.sh
> @@ -84,6 +84,14 @@ HOME=3D"$tmpdir" guix environment --bootstrap --contai=
ner --user=3Dfoognu \
>       --share=3D"$tmpdir/umock" \
>       -- guile -c "$usertest"
>=20=20
> +# if not sharing CWD, chdir home
> +(
> +  cd "$tmpdir" \
> +    && guix environment --bootstrap --container --no-cwd --user=3Dfoo  \
> +            --ad-hoc guile-bootstrap --pure \
> +            -- /bin/sh -c 'test $(pwd) =3D=3D "/home/foo" -a ! -d '"$tmp=
dir"
> +)
> +
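
Review bot: the `test $(pwd) == "/home/foo" -a ! -d ...` expression in the added `/bin/sh -c` line relies on two non-portable constructs. `==` is a bash extension to `test` (POSIX specifies `=`), and the `-a` operator is marked obsolescent by POSIX. Writing it as `test "$(pwd)" = /home/foo && test ! -d ...` performs the same check under any /bin/sh.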

This test would fail for me because my test store is at
~ludo/src/guix/test-tmp/store and my CWD is ~/src/guix.  So when using
both --user and --no-cwd, the effect is that
~ludo/src/guix/test-tmp/store is not available at all within the
container, and thus execve("/bin/sh") fails with ENOENT:

--8<---------------cut here---------------start------------->8---
$ ./test-env guix environment --bootstrap --container --no-cwd --user=foo --ad-hoc guile-bootstrap
accepted connection from pid 29684, user ludo
accepted connection from pid 29695, user ludo
./test-env: line 1: 29683 Terminated              "/home/ludo/src/guix/pre-inst-env" "/home/ludo/src/guix/guix-daemon" --disable-chroot --substitute-urls="$GUIX_BINARY_SUBSTITUTE_URL"
$ echo $?
1
--8<---------------cut here---------------end--------------->8---

Thoughts?

TIA,
Ludo’.




Information forwarded to guix-patches@HIDDEN:
bug#30256; Package guix-patches. Full text available.

Message received at submit <at> debbugs.gnu.org:


From: Mike Gerwitz <mtg@HIDDEN>
To: guix-patches@HIDDEN
Subject: [PATCH 3/3] scripts: environment: Add --no-cwd.
Date: Thu, 25 Jan 2018 22:29:45 -0500

* doc/guix.texi (Invoking guix environment): Add --no-cwd.
* guix/scripts/environment.scm (show-help, %options): Add --no-cwd.
(launch-environment/container): Add 'map-cwd?' param; only add mapping for cwd
if #t.  Only change to cwd within container if #t, otherwise home.
(guix-environment): Error if --no-cwd without --container.  Provide '(not
no-cwd?)' to launch-environment/container as 'map-cwd?'.
* tests/guix-environment.sh: Add test for no-cwd.
=2D--
 doc/guix.texi                |  8 ++++++++
 guix/scripts/environment.scm | 33 ++++++++++++++++++++++++---------
 tests/guix-environment.sh    |  8 ++++++++
 3 files changed, 40 insertions(+), 9 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 8218c6637..ce4545038 100644
=2D-- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -7209,6 +7209,14 @@ While this will limit the leaking of user identity t=
hrough home paths
 and each of the user fields, this is only one useful component of a
 broader privacy/anonymity solution---not one in and of itself.
=20
+@item --no-cwd
+For containers, the default behavior is to share the current working
+directory with the isolated container and immediately change to that
+directory within the container.  If this is undesirable, @code{--no-cwd}
+will cause the current working directory to @emph{not} be automatically
+shared and will change to the user's home directory within the container
+instead.  See also @code{--user}.
+
 @item --expose=3D@var{source}[=3D@var{target}]
 For containers, expose the file system @var{source} from the host system
 as the read-only file system @var{target} within the container.  If
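Review bot: the new `@item --no-cwd` entry never states that the option is only accepted together with --container, although guix/scripts/environment.scm in this same patch rejects it otherwise ("--no-cwd cannot be used without --container"). "For containers, ..." hints at it, but an explicit sentence would match the behaviour. The closing "See also @code{--user}" also gives no indication of how the two options interact; one sentence saying which home directory the container starts in when both are given would help.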
diff --git a/guix/scripts/environment.scm b/guix/scripts/environment.scm
index f50018faf..6be263a64 100644
=2D-- a/guix/scripts/environment.scm
+++ b/guix/scripts/environment.scm
@@ -165,6 +165,9 @@ COMMAND or an interactive shell in that environment.\n"=
))
   -u, --user=3DUSER        instead of copying the name and home of the cur=
rent
                          user into an isolated container, use the name USER
                          with home directory /home/USER"))
+  (display (G_ "
+      --no-cwd           do not share current working directory with an
+                         isolated container"))
   (display (G_ "
       --share=3DSPEC       for containers, share writable host file system
                          according to SPEC"))
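Review bot: style point on the added --no-cwd help string: the neighbouring --share entry starts with "for containers," while the new text ends with "with an isolated container". Wording it as "for containers, do not share the current working directory" would keep the container-only options consistent in the --help output.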
@@ -251,6 +254,9 @@ COMMAND or an interactive shell in that environment.\n"=
))
                  (lambda (opt name arg result)
                    (alist-cons 'user arg
                                (alist-delete 'user result eq?))))
+         (option '("no-cwd") #f #f
+                 (lambda (opt name arg result)
+                   (alist-cons 'no-cwd? #t result)))
          (option '("share") #t #f
                  (lambda (opt name arg result)
                    (alist-cons 'file-system-mapping
@@ -399,7 +405,8 @@ environment variables are cleared before setting the ne=
w ones."
            ((_ . status) status)))))
=20
 (define* (launch-environment/container #:key command bash user user-mappin=
gs
=2D                                       profile paths link-profile? netwo=
rk?)
+                                       profile paths link-profile? network?
+                                       map-cwd?)
   "Run COMMAND within a container that features the software in PROFILE.
 Environment variables are set according to PATHS, a list of native search
 paths.  The global shell is BASH, a file name for a GNU Bash binary in the
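Review bot: `map-cwd?` is added to the `#:key` list of this `define*` without a default, so any caller that omits it gets #f and the working directory silently stops being shared, which is the opposite of the previous behaviour. Declaring it as `(map-cwd? #t)` keeps existing callers unchanged. The docstring shown in the context lines describes the other parameters and is not touched by this patch; it should gain a sentence for MAP-CWD?.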
@@ -425,11 +432,13 @@ will be used for the passwd entry.  LINK-PROFILE? cre=
ates a symbolic link from
              (override-user-mappings
               user home
               (append user-mappings
=2D                      ;; Current working directory.
=2D                      (list (file-system-mapping
=2D                             (source cwd)
=2D                             (target cwd)
=2D                             (writable? #t)))
+                      ;; Share current working directory, unless asked not=
 to.
+                      (if map-cwd?
+                          (list (file-system-mapping
+                                 (source cwd)
+                                 (target cwd)
+                                 (writable? #t)))
+                          '())
                       ;; When in Rome, do as Nix build.cc does: Automagica=
lly
                       ;; map common network configuration files.
                       (if network?
@@ -488,8 +497,10 @@ will be used for the passwd entry.  LINK-PROFILE? crea=
tes a symbolic link from
                 (newline port)))
=20
             ;; For convenience, start in the user's current working
=2D            ;; directory rather than the root directory.
=2D            (chdir (override-user-dir user home cwd))
+            ;; directory or, if unmapped, the home directory.
+            (chdir (if map-cwd?
+                       (override-user-dir user home cwd)
+                       home-dir))
=20
             (primitive-exit/status
              ;; A container's environment is already purified, so no need =
to
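Review bot: the fallback branch of the new `chdir` call uses `home-dir`, while the mapped branch and the mapping code earlier in this function work with `user` and `home` through `override-user-dir` and `override-user-mappings`. Please confirm that `home-dir` is the home directory as seen inside the container (/home/USER when --user is given) and that it exists there when nothing else has been mapped, since `chdir` raises an error on a missing directory and that would happen before COMMAND runs.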
@@ -640,6 +651,7 @@ message if any test fails."
            (container? (assoc-ref opts 'container?))
            (link-prof? (assoc-ref opts 'link-profile?))
            (network?   (assoc-ref opts 'network?))
+           (no-cwd?    (assoc-ref opts 'no-cwd?))
            (user       (assoc-ref opts 'user))
            (bootstrap? (assoc-ref opts 'bootstrap?))
            (system     (assoc-ref opts 'system))
@@ -677,6 +689,8 @@ message if any test fails."
         (leave (G_ "--link-prof cannot be used without --container~%")))
       (when (and (not container?) user)
         (leave (G_ "--user cannot be used without --container~%")))
+      (when (and (not container?) no-cwd?)
+        (leave (G_ "--no-cwd cannot be used without --container~%")))
=20
       (with-store store
         (set-build-options-from-command-line store opts)
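Review bot: missing test for the new `(when (and (not container?) no-cwd?) ...)` branch. The case added to tests/guix-environment.sh only exercises --no-cwd together with --container. A second case asserting that `guix environment --no-cwd` without --container exits non-zero would cover this `leave` path, in the same way the other container-only options are validated just above.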
@@ -729,7 +743,8 @@ message if any test fails."
                                                   #:profile profile
                                                   #:paths paths
                                                   #:link-profile? link-pro=
f?
=2D                                                  #:network? network?)))
+                                                  #:network? network?
+                                                  #:map-cwd? (not no-cwd?)=
)))
                  (else
                   (return
                    (exit/status
diff --git a/tests/guix-environment.sh b/tests/guix-environment.sh
index a1ce96579..abb019794 100644
=2D-- a/tests/guix-environment.sh
+++ b/tests/guix-environment.sh
@@ -84,6 +84,14 @@ HOME=3D"$tmpdir" guix environment --bootstrap --containe=
r --user=3Dfoognu \
      --share=3D"$tmpdir/umock" \
      -- guile -c "$usertest"
=20
+# if not sharing CWD, chdir home
+(
+  cd "$tmpdir" \
+    && guix environment --bootstrap --container --no-cwd --user=3Dfoo  \
+            --ad-hoc guile-bootstrap --pure \
+            -- /bin/sh -c 'test $(pwd) =3D=3D "/home/foo" -a ! -d '"$tmpdi=
r"
+)
+
 # Make sure '-r' works as expected.
 rm -f "$gcroot"
 expected=3D"`guix environment --bootstrap --ad-hoc guile-bootstrap \
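Review bot: in the added `/bin/sh -c` line, `"$tmpdir"` is expanded by the outer shell and spliced unquoted into the inner command string, so a temporary directory whose name contains whitespace or glob characters changes what the inner `test` sees; `$(pwd)` is unquoted as well. Passing the directory as a positional parameter, for example `/bin/sh -c 'test "$(pwd)" = /home/foo && test ! -d "$1"' sh "$tmpdir"`, keeps the check intact for any value of $tmpdir.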
=2D-=20
2.15.1






Acknowledgement sent to Mike Gerwitz <mtg@HIDDEN>:
New bug report received and forwarded. Copy sent to guix-patches@HIDDEN. Full text available.
Report forwarded to guix-patches@HIDDEN:
bug#30256; Package guix-patches. Full text available.
Last modified: Sat, 3 Mar 2018 21:30:04 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.