guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code sharing between system and home services (was Re: On the naming

From: Ludovic Courtès
Subject: Re: Code sharing between system and home services (was Re: On the naming of System and Home services modules.)
Date: Wed, 06 Oct 2021 15:12:17 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) 
Hi,

Maxime Devos <maximedevos@telenet.be> skribis:

> It might be possible to modify 'make-forkexec-constructor/container' to call
> (exec-command (cons* newuidmap ARGUMENTS-TO-NEWUIDMAP command) ...),
> where newuidmap is (search-input-file "newuidmap" '("/run/setuid-programs" 
> "/usr/sbin" "/sbin")).
> That path should work on Guix System and many foreign distro, presuming the 
> distro
> is configured to make "newuidmap" setuid.

That looks like opening the door to reproducibility issues.

If we wanted to take that route, it might be slightly more aesthetically
pleasing to rely on a service such as Bubblewrap, but the
non-self-containment issue remains.

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]