GNU bug report logs -
#59683
[PATCH] gnu: Add bolt
Previous Next
Reported by: florhizome <at> posteo.net
Date: Tue, 29 Nov 2022 15:33:02 UTC
Severity: normal
Tags: patch
Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 59683 in the body.
You can then email your comments to 59683 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org:
bug#59683; Package
guix-patches.
(Tue, 29 Nov 2022 15:33:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
florhizome <at> posteo.net:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org.
(Tue, 29 Nov 2022 15:33:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: florhizome <florhizome <at> posteo.net>
Adds the bolt package with a system daemon (boltd) working over dbus and a cli tool (boltctl) to enable controlling the permissions on thunderbolt ports.
the patch is from the nix package.
* gnu/packages/patches/bolt-skip-mkdir.patch: new file
* gnu/packages/local.mk: Add patch for bolt
* gnu/packages/freedesktop.scm (bolt): new variable
---
gnu/local.mk | 1 +
gnu/packages/freedesktop.scm | 45 ++++++++++++++++++++++
gnu/packages/patches/bolt-skip-mkdir.patch | 12 ++++++
3 files changed, 58 insertions(+)
create mode 100644 gnu/packages/patches/bolt-skip-mkdir.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 7278c50e4f..937c2f0c28 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -942,6 +942,7 @@ dist_patch_DATA = \
%D%/packages/patches/binutils-CVE-2021-45078.patch \
%D%/packages/patches/bloomberg-bde-cmake-module-path.patch \
%D%/packages/patches/bloomberg-bde-tools-fix-install-path.patch \
+ %D%/packages/patches/bolt-skip-mkdir.patch \
%D%/packages/patches/bpftrace-disable-bfd-disasm.patch \
%D%/packages/patches/breezy-fix-gio.patch \
%D%/packages/patches/byobu-writable-status.patch \
diff --git a/gnu/packages/freedesktop.scm b/gnu/packages/freedesktop.scm
index bd47dfc45b..57f7c4b60f 100644
--- a/gnu/packages/freedesktop.scm
+++ b/gnu/packages/freedesktop.scm
@@ -123,6 +123,7 @@ (define-module (gnu packages freedesktop)
#:use-module (gnu packages serialization)
#:use-module (gnu packages sqlite)
#:use-module (gnu packages valgrind)
+ #:use-module (gnu packages version-control)
#:use-module (gnu packages video)
#:use-module (gnu packages w3m)
#:use-module (gnu packages web)
@@ -886,6 +887,50 @@ (define-public basu
This library provides just sd-bus (and the busctl utility).")
(license license:lgpl2.1+)))
+
+(define-public bolt
+ (package
+ (name "bolt")
+ (version "0.9.4")
+ (source
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://gitlab.freedesktop.org/bolt/bolt")
+ (commit version)))
+ (sha256
+ (base32 "0w66shv7ra8yrhr0byifahbq25wi8qfsm3rifz0j31l7cmnys3js"))
+ (patches
+ (search-patches "bolt-skip-mkdir.patch"))))
+ (build-system meson-build-system)
+ (arguments
+ (list #:configure-flags #~(list "-Dsystemd=false")
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-before 'configure 'set-useful-envvars
+ (lambda _
+ (setenv "PKEXEC_UID" "-1")
+ (setenv "PKG_CONFIG_UDEV_UDEVDIR"
+ (string-append #$output "/lib/udev")))))))
+ (native-inputs
+ (list asciidoc
+ dbus ;for tests
+ git-minimal
+ (list glib "bin")
+ gobject-introspection
+ pkg-config
+ python
+ umockdev))
+ (inputs
+ (list eudev glib polkit))
+ (home-page "https://gitlab.freedesktop.org/bolt/bolt")
+ (synopsis "Manage security levels for Thunderbolt™ on GNU/Linux®")
+ (description "This package includes the boltd daemon and the boltctl
+ commandline interface to manage security levels of thunderbolt and usb4
+ devices.")
+ (license license:expat)))
+
(define-public localed
;; XXX: This package is extracted from systemd but we retain so little of it
;; that it would make more sense to maintain a fork of the bits we need.
diff --git a/gnu/packages/patches/bolt-skip-mkdir.patch b/gnu/packages/patches/bolt-skip-mkdir.patch
new file mode 100644
index 0000000000..0853bcea91
--- /dev/null
+++ b/gnu/packages/patches/bolt-skip-mkdir.patch
@@ -0,0 +1,12 @@
+diff --git a/scripts/meson-install.sh b/scripts/meson-install.sh
+index 859ae81..05a1c58 100644
+--- a/scripts/meson-install.sh
++++ b/scripts/meson-install.sh
+@@ -7,5 +7,5 @@ fi
+
+ BOLT_DBDIR=$1
+
+-echo "Creating database dir: ${BOLT_DBDIR}"
+-mkdir -p "${DESTDIR}/${BOLT_DBDIR}"
++# echo "Creating database dir: ${BOLT_DBDIR}"
++# mkdir -p "${DESTDIR}/${BOLT_DBDIR}"
--
2.38.1
Information forwarded
to
guix-patches <at> gnu.org:
bug#59683; Package
guix-patches.
(Tue, 13 Dec 2022 12:53:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 59683 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Hi,
I've already attempted to get bolt merged some time ago.
See [https://issues.guix.gnu.org/49578](https://issues.guix.gnu.org/49578#11)----
Petr
[Message part 2 (text/html, inline)]
Information forwarded
to
guix-patches <at> gnu.org:
bug#59683; Package
guix-patches.
(Wed, 14 Dec 2022 11:25:01 GMT)
Full text and
rfc822 format available.
Message #11 received at 59683 <at> debbugs.gnu.org (full text, mbox):
Hi,
phodina <phodina <at> protonmail.com> skribis:
> I've already attempted to get bolt merged some time ago.
>
> See [https://issues.guix.gnu.org/49578](https://issues.guix.gnu.org/49578#11)----
Oops, thanks for the heads-up! I’ve now appplied it.
florhizome, please let us know if you can think of changes to make?
Thanks,
Ludo’.
Information forwarded
to
guix-patches <at> gnu.org:
bug#59683; Package
guix-patches.
(Tue, 20 Dec 2022 17:06:02 GMT)
Full text and
rfc822 format available.
Message #14 received at 59683 <at> debbugs.gnu.org (full text, mbox):
phodina <phodina <at> protonmail.com> skribis:
>> I've already attempted to get bolt merged some time ago.
>>
>> See [https://issues.guix.gnu.org/49578](https://issues.guix.gnu.org/49578#11)----
Ludovic Courtès <ludo <at> gnu.org> wrote:
> Oops, thanks for the heads-up! I’ve now appplied it.
>
> florhizome, please let us know if you can think of changes to make?
>
> Thanks,
> Ludo’.
I think using the envvar for correcting the udev dependency is a bit
cleaner but nothing more serious then that, I think ;)
Cheers
Information forwarded
to
guix-patches <at> gnu.org:
bug#59683; Package
guix-patches.
(Tue, 20 Dec 2022 20:53:01 GMT)
Full text and
rfc822 format available.
Message #17 received at 59683 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
I've tried to simplify the service.
However, for some reason the client boltctl does not work. It is restarted under different PID and the service does not fail.
$ boltctl list
boltctl: error: could not create client: Error calling StartServiceByName for org.freedesktop.bolt: Failed to activate service 'org.freedesktop.bolt': timed out (service_start_timeout=25000ms)
$ ps aux | grep boltd
root 20923 0.0 0.0 230592 6744 ? Dsl 21:24 0:00 /gnu/store/fhngddf8yfqsby06mwjbs99s1s83jh68-bolt-0.9.4/libexec/boltd
pethod 20935 0.0 0.0 6528 1864 pts/6 S+ 21:24 0:00 grep --color=auto boltd
$ ps aux | grep boltd
root 22821 0.0 0.0 230592 6492 ? Ssl 21:33 0:00 /gnu/store/fhngddf8yfqsby06mwjbs99s1s83jh68-bolt-0.9.4/libexec/boltd
pethod 22979 0.0 0.0 6516 1988 pts/6 S+ 21:33 0:00 grep --color=auto boltd
$ ps aux | grep boltd
root 22980 0.0 0.0 230592 8672 ? Dsl 21:33 0:00 /gnu/store/fhngddf8yfqsby06mwjbs99s1s83jh68-bolt-0.9.4/libexec/boltd
pethod 23102 0.0 0.0 6504 1988 pts/6 S+ 21:33 0:00 grep --color=auto boltd
$ ls /var/log/bolt*
ls: cannot access '/var/log/bolt*': No such file or directory
Here's a standalone file which I currently use for testing, will put it back to Guix repo.
Second attached file is the daemon running by launching it manually. For some reason it stops.
I'll also add the paragraph with description.
Also the service has to run with higher priviledges [1].
As this service reuqires HW does it make sense to write test? Maybe to check if it is launched, right?
1 https://github.com/gicmo/bolt/blob/master/data/bolt.service.in#L25
----
Petr
[bolt.scm (text/x-scheme, attachment)]
[boltd.log (text/x-log, attachment)]
Information forwarded
to
guix-patches <at> gnu.org:
bug#59683; Package
guix-patches.
(Sun, 25 Dec 2022 16:23:02 GMT)
Full text and
rfc822 format available.
Message #20 received at 59683 <at> debbugs.gnu.org (full text, mbox):
Hi,
phodina <phodina <at> protonmail.com> skribis:
> I've tried to simplify the service.
>
> However, for some reason the client boltctl does not work. It is restarted under different PID and the service does not fail.
Since it’s a D-Bus service, maybe we do not need to create a Shepherd
service for boltd? In that case, it will be started on-demand by
dbus-daemon, for instance the first time someone runs ‘boltctl’.
Is that acceptable or does it have to be started at boot time?
> $ boltctl list
> boltctl: error: could not create client: Error calling StartServiceByName for org.freedesktop.bolt: Failed to activate service 'org.freedesktop.bolt': timed out (service_start_timeout=25000ms)
>
> $ ps aux | grep boltd
> root 20923 0.0 0.0 230592 6744 ? Dsl 21:24 0:00 /gnu/store/fhngddf8yfqsby06mwjbs99s1s83jh68-bolt-0.9.4/libexec/boltd
> pethod 20935 0.0 0.0 6528 1864 pts/6 S+ 21:24 0:00 grep --color=auto boltd
> $ ps aux | grep boltd
> root 22821 0.0 0.0 230592 6492 ? Ssl 21:33 0:00 /gnu/store/fhngddf8yfqsby06mwjbs99s1s83jh68-bolt-0.9.4/libexec/boltd
> pethod 22979 0.0 0.0 6516 1988 pts/6 S+ 21:33 0:00 grep --color=auto boltd
> $ ps aux | grep boltd
> root 22980 0.0 0.0 230592 8672 ? Dsl 21:33 0:00 /gnu/store/fhngddf8yfqsby06mwjbs99s1s83jh68-bolt-0.9.4/libexec/boltd
> pethod 23102 0.0 0.0 6504 1988 pts/6 S+ 21:33 0:00 grep --color=auto boltd
>
> $ ls /var/log/bolt*
> ls: cannot access '/var/log/bolt*': No such file or directory
Perhaps /var/log/messages has details?
Thanks,
Ludo’.
Information forwarded
to
guix-patches <at> gnu.org:
bug#59683; Package
guix-patches.
(Sun, 25 Dec 2022 17:34:02 GMT)
Full text and
rfc822 format available.
Message #23 received at 59683 <at> debbugs.gnu.org (full text, mbox):
Hello Ludo’,
> > I've tried to simplify the service.
> >
> > However, for some reason the client boltctl does not work. It is restarted under different PID and the service does not fail.
>
>
> Since it’s a D-Bus service, maybe we do not need to create a Shepherd
> service for boltd? In that case, it will be started on-demand by
> dbus-daemon, for instance the first time someone runs ‘boltctl’.
>
> Is that acceptable or does it have to be started at boot time?
Not sure about that. I'll ask Christian Kellner (author of the project).
The issue is that user is able to define if the device is allowed to connect or not. And my assumption is that this is the knowledge of the daemon.
So it would have to be started by some udev event that sends dbus-event.
Or maybe the "IDs" of the devices are stored in the Thunderbolt controller (I'm not familar with the specs either) and it's done transparently.
> >
> > $ ls /var/log/bolt*
> > ls: cannot access '/var/log/bolt*': No such file or directory
>
>
> Perhaps /var/log/messages has details?
Not sure the content of the '/var/log/messages' is useful:
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been started.
Dec 25 13:56:48 localhost shepherd[1]: Service nix-daemon has been started.
Dec 25 13:56:48 localhost shepherd[1]: Respawning bolt.
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been started.
Dec 25 13:56:48 localhost shepherd[1]: Respawning bolt.
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been started.
Dec 25 13:56:48 localhost shepherd[1]: Respawning bolt.
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been started.
Dec 25 13:56:48 localhost shepherd[1]: Respawning bolt.
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been started.
Dec 25 13:56:48 localhost shepherd[1]: Respawning bolt.
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been started.
Dec 25 13:56:48 localhost shepherd[1]: Respawning bolt.
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been started.
Dec 25 13:56:48 localhost shepherd[1]: Service bolt has been disabled.
Dec 25 13:56:48 localhost shepherd[1]: (Respawning too fast.)
----
Petr
Reply sent
to
Maxim Cournoyer <maxim.cournoyer <at> gmail.com>:
You have taken responsibility.
(Mon, 16 Jan 2023 13:38:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
florhizome <at> posteo.net:
bug acknowledged by developer.
(Mon, 16 Jan 2023 13:38:02 GMT)
Full text and
rfc822 format available.
Message #28 received at 59683-done <at> debbugs.gnu.org (full text, mbox):
Hello,
Ludovic Courtès <ludo <at> gnu.org> writes:
> Hi,
>
> phodina <phodina <at> protonmail.com> skribis:
>
>> I've already attempted to get bolt merged some time ago.
>>
>> See [https://issues.guix.gnu.org/49578](https://issues.guix.gnu.org/49578#11)----
>
> Oops, thanks for the heads-up! I’ve now appplied it.
>
> florhizome, please let us know if you can think of changes to make?
Seems the remaining discussion is about a bolt service rather than
adding a bolt package, hence I'm closing this.
--
Thanks,
Maxim
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Tue, 14 Feb 2023 12:24:13 GMT)
Full text and
rfc822 format available.
This bug report was last modified 1 year and 61 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.