GNU bug report logs -
#48751
[PATCH 0/1] Create parent directory for laminar unix socket
Previous Next
Reported by: Arun Isaac <arunisaac <at> systemreboot.net>
Date: Sun, 30 May 2021 20:01:02 UTC
Severity: normal
Tags: patch
Done: Arun Isaac <arunisaac <at> systemreboot.net>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 48751 in the body.
You can then email your comments to 48751 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org
:
bug#48751
; Package
guix-patches
.
(Sun, 30 May 2021 20:01:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Arun Isaac <arunisaac <at> systemreboot.net>
:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org
.
(Sun, 30 May 2021 20:01:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
If laminard is configured to listen on a unix socket, it should create the
parent directory of the unix socket with appropriate permissions. Currently,
no parent directory is created and the service fails to start.
Arun Isaac (1):
services: laminar: Create parent directory for unix socket.
gnu/services/ci.scm | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
--
2.31.0
Information forwarded
to
guix-patches <at> gnu.org
:
bug#48751
; Package
guix-patches
.
(Sun, 30 May 2021 20:06:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 48751 <at> debbugs.gnu.org (full text, mbox):
* gnu/services/ci.scm (laminar-activation): New function.
(laminar-service-type): Extend activation-service-type with
laminar-activation.
---
gnu/services/ci.scm | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/gnu/services/ci.scm b/gnu/services/ci.scm
index 0b18521e76..0c3566bcaf 100644
--- a/gnu/services/ci.scm
+++ b/gnu/services/ci.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2018, 2019, 2020, 2021 Christopher Baines <mail <at> cbaines.net>
+;;; Copyright © 2021 Arun Isaac <arunisaac <at> systemreboot.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -115,13 +116,25 @@
(home-directory (laminar-configuration-home-directory config))
(shell #~(string-append #$shadow "/sbin/nologin")))))
+(define (laminar-activation config)
+ (let ((bind-http (laminar-configuration-bind-http config)))
+ #~(begin
+ ;; If listen is a unix socket, create its parent directory.
+ (when (string-prefix? "unix:" #$bind-http)
+ (let ((run-directory
+ (dirname (substring #$bind-http (string-length "unix:"))))
+ (user (getpw "laminar")))
+ (mkdir-p run-directory)
+ (chown run-directory (passwd:uid user) (passwd:gid user)))))))
+
(define laminar-service-type
(service-type
(name 'laminar)
(extensions
(list
(service-extension shepherd-root-service-type laminar-shepherd-service)
- (service-extension account-service-type laminar-account)))
+ (service-extension account-service-type laminar-account)
+ (service-extension activation-service-type laminar-activation)))
(default-value (laminar-configuration))
(description
"Run the Laminar continuous integration service.")))
--
2.31.0
Information forwarded
to
guix-patches <at> gnu.org
:
bug#48751
; Package
guix-patches
.
(Tue, 08 Jun 2021 15:36:01 GMT)
Full text and
rfc822 format available.
Message #11 received at 48751 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Arun Isaac <arunisaac <at> systemreboot.net> writes:
> * gnu/services/ci.scm (laminar-activation): New function.
> (laminar-service-type): Extend activation-service-type with
> laminar-activation.
> ---
> gnu/services/ci.scm | 15 ++++++++++++++-
> 1 file changed, 14 insertions(+), 1 deletion(-)
This looks good to me. I don't think I've played around too much with
different bind options, so I haven't come across this issue.
[signature.asc (application/pgp-signature, inline)]
Reply sent
to
Arun Isaac <arunisaac <at> systemreboot.net>
:
You have taken responsibility.
(Thu, 10 Jun 2021 05:01:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
Arun Isaac <arunisaac <at> systemreboot.net>
:
bug acknowledged by developer.
(Thu, 10 Jun 2021 05:01:02 GMT)
Full text and
rfc822 format available.
Message #16 received at 48751-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi Chris,
> This looks good to me.
Pushed to master, thanks for the review!
> I don't think I've played around too much with different bind options,
> so I haven't come across this issue.
One problem still remains even after this patch. If the laminar web UI
is behind an nginx reverse proxy, the nginx user needs to have
read/write permissions to the unix socket. For this, it should be a
member of the laminar group. But, short of modifying the nginx service,
I don't know of any way to achieve this. Something more composable would
be nice. The nginx service being aware of laminar doesn't sound
right. Any ideas?
Regards,
Arun
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
guix-patches <at> gnu.org
:
bug#48751
; Package
guix-patches
.
(Wed, 16 Jun 2021 07:32:02 GMT)
Full text and
rfc822 format available.
Message #19 received at 48751-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Arun Isaac <arunisaac <at> systemreboot.net> writes:
> Hi Chris,
>
>> This looks good to me.
>
> Pushed to master, thanks for the review!
>
>> I don't think I've played around too much with different bind options,
>> so I haven't come across this issue.
>
> One problem still remains even after this patch. If the laminar web UI
> is behind an nginx reverse proxy, the nginx user needs to have
> read/write permissions to the unix socket. For this, it should be a
> member of the laminar group. But, short of modifying the nginx service,
> I don't know of any way to achieve this. Something more composable would
> be nice. The nginx service being aware of laminar doesn't sound
> right. Any ideas?
Nothing comes to mind unfortunately.
[signature.asc (application/pgp-signature, inline)]
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Wed, 14 Jul 2021 11:24:08 GMT)
Full text and
rfc822 format available.
This bug report was last modified 2 years and 280 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.