[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
14/14: services: opendht: Use 'least-authority-wrapper'.
From: |
guix-commits |
Subject: |
14/14: services: opendht: Use 'least-authority-wrapper'. |
Date: |
Sun, 1 May 2022 16:15:34 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit fee06d5aaa71a965ea0bc06c1ff15c138a8bb2c8
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Wed Apr 27 18:35:21 2022 +0200
services: opendht: Use 'least-authority-wrapper'.
* gnu/services/networking.scm
(opendht-configuration->command-line-arguments):
Use 'least-authority-wrapper'.
(opendht-shepherd-service): Use 'make-forkexec-constructor'.
---
gnu/services/networking.scm | 40 ++++++++++++++++++++++------------------
1 file changed, 22 insertions(+), 18 deletions(-)
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 069034a61d..399cd03c1d 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -796,7 +796,19 @@ CONFIG, an <opendht-configuration> object."
(match-record config <opendht-configuration>
(opendht bootstrap-host enable-logging? port debug? peer-discovery?
proxy-server-port proxy-server-port-tls)
- (let ((dhtnode #~(string-append #$opendht:tools "/bin/dhtnode")))
+ (let ((dhtnode (least-authority-wrapper
+ ;; XXX: Work around lack of support for multiple outputs
+ ;; in 'file-append'.
+ (computed-file "dhtnode"
+ #~(symlink
+ (string-append #$opendht:tools
+ "/bin/dhtnode")
+ #$output))
+ #:name "dhtnode"
+ #:mappings (list (file-system-mapping
+ (source "/dev/log") ;for syslog
+ (target source)))
+ #:namespaces (delq 'net %namespaces))))
`(,dhtnode
"--service" ;non-forking mode
,@(if (string? bootstrap-host)
@@ -822,23 +834,15 @@ CONFIG, an <opendht-configuration> object."
(define (opendht-shepherd-service config)
"Return a <shepherd-service> running OpenDHT."
- (with-imported-modules (source-module-closure
- '((gnu build shepherd)
- (gnu system file-systems)))
- (shepherd-service
- (documentation "Run an OpenDHT node.")
- (provision '(opendht dhtnode dhtproxy))
- (requirement '(networking syslogd))
- (modules '((gnu build shepherd)
- (gnu system file-systems)))
- (start #~(make-forkexec-constructor/container
- (list #$@(opendht-configuration->command-line-arguments config))
- #:mappings (list (file-system-mapping
- (source "/dev/log") ;for syslog
- (target source)))
- #:user "opendht"
- #:group "opendht"))
- (stop #~(make-kill-destructor)))))
+ (shepherd-service
+ (documentation "Run an OpenDHT node.")
+ (provision '(opendht dhtnode dhtproxy))
+ (requirement '(networking syslogd))
+ (start #~(make-forkexec-constructor
+ (list #$@(opendht-configuration->command-line-arguments config))
+ #:user "opendht"
+ #:group "opendht"))
+ (stop #~(make-kill-destructor))))
(define opendht-service-type
(service-type
- branch master updated (6b4124cdcc -> fee06d5aaa), guix-commits, 2022/05/01
- 03/14: linux-container: 'call-with-container' relays SIGTERM and SIGINT., guix-commits, 2022/05/01
- 11/14: services: wesnothd: Grant write access to /var/run/wesnothd., guix-commits, 2022/05/01
- 02/14: file-systems: Avoid load-time warnings when attempting to load (guix store)., guix-commits, 2022/05/01
- 06/14: Add (guix least-authority)., guix-commits, 2022/05/01
- 09/14: services: bitlbee: Use 'make-inetd-constructor'., guix-commits, 2022/05/01
- 04/14: linux-container: Ensure signal-handling asyncs get a chance to run., guix-commits, 2022/05/01
- 10/14: services: ipfs: Use 'least-authority-wrapper'., guix-commits, 2022/05/01
- 12/14: services: wesnothd: Use 'least-authority-wrapper'., guix-commits, 2022/05/01
- 01/14: gexp: Add 'references-file'., guix-commits, 2022/05/01
- 14/14: services: opendht: Use 'least-authority-wrapper'.,
guix-commits <=
- 13/14: services: quassel: Use 'least-authority-wrapper'., guix-commits, 2022/05/01
- 08/14: services: dicod: Use 'make-inetd-constructor'., guix-commits, 2022/05/01
- 07/14: services: dicod: Rewrite using 'least-authority-wrapper'., guix-commits, 2022/05/01
- 05/14: linux-container: Add #:child-is-pid1? parameter to 'call-with-container'., guix-commits, 2022/05/01