Re: Guix binary tarball

2015-06-08 Thread Ludovic Courtès
Alex Kost skribis: > Ludovic Courtès (2015-06-07 19:14 +0300) wrote: > >> Thomas Schwinge skribis: >> >>> I'm not a fan of extracting tarballs inside populated directories; so I'm >>> in favor on the suggested change to extract inside a temporary directory, >>> and then move everything in place

Re: Guix binary tarball

2015-06-08 Thread Alex Kost
Ludovic Courtès (2015-06-07 19:14 +0300) wrote: > Thomas Schwinge skribis: > >> I'm not a fan of extracting tarballs inside populated directories; so I'm >> in favor on the suggested change to extract inside a temporary directory, >> and then move everything in place as a separate step. > > OK.

Re: Guix binary tarball

2015-06-07 Thread Ludovic Courtès
Hi, Thomas! Thomas Schwinge skribis: > I'm not a fan of extracting tarballs inside populated directories; so I'm > in favor on the suggested change to extract inside a temporary directory, > and then move everything in place as a separate step. OK. I had come to the conclusion that yes, doing

/run/current-system (was: Guix binary tarball)

2015-06-07 Thread Thomas Schwinge
Hi! On Sun, 07 Jun 2015 14:39:20 +0200, I wrote: > In context of > , > I'm now installing Guix (GNU Guix 0.8.2 Binary) for the first time. I > noticed a few issues that have been raised in this threa

Re: Guix binary tarball

2015-06-07 Thread Thomas Schwinge
Hi! In context of , I'm now installing Guix (GNU Guix 0.8.2 Binary) for the first time. I noticed a few issues that have been raised in this thread already (I have not yet read every message in detai

Re: Guix binary tarball

2015-05-21 Thread Ludovic Courtès
Mark H Weaver skribis: > l...@gnu.org (Ludovic Courtès) writes: > >> Mark H Weaver skribis: >> >>> Here's a suggested patch: >>> >>> diff --git a/gnu/system/install.scm b/gnu/system/install.scm >>> index 799851c..10fbfdd 100644 >>> --- a/gnu/system/install.scm >>> +++ b/gnu/system/install.scm >>

Re: Guix binary tarball

2015-05-20 Thread Mark H Weaver
l...@gnu.org (Ludovic Courtès) writes: > Mark H Weaver skribis: > >> Here's a suggested patch: >> >> diff --git a/gnu/system/install.scm b/gnu/system/install.scm >> index 799851c..10fbfdd 100644 >> --- a/gnu/system/install.scm >> +++ b/gnu/system/install.scm >> @@ -71,7 +71,14 @@ under /root/.gui

Re: Guix binary tarball

2015-05-20 Thread Ludovic Courtès
Mark H Weaver skribis: > Andreas Enge writes: > >> - The tarball also contains /, /root and /var. When unpacking it, the owner >> and permissions are changed on the system. As a consequence, we could not >> ssh into the machine any more (!). Could these directories be left out of >> the ta

Re: Guix binary tarball

2015-05-20 Thread Andreas Enge
On Tue, May 19, 2015 at 07:03:57PM -0400, Mark H Weaver wrote: > If we did this, then we could revert 8c3a5d7059 and avoid any use of > --skip-old-files. I would be in favor of this. > > What do you think? Sounds good, thanks for looking into this! Andreas

Re: Guix binary tarball

2015-05-19 Thread Mark H Weaver
Andreas Enge writes: > - The tarball also contains /, /root and /var. When unpacking it, the owner > and permissions are changed on the system. As a consequence, we could not > ssh into the machine any more (!). Could these directories be left out of > the tarball and only their contents be

Re: Guix binary tarball

2015-05-18 Thread Ludovic Courtès
Andreas Enge skribis: > thanks for the work; I would have proposed a patch, but thought the discussion > was not yet finished. Sorry, I did not want to pressure you, the discussion remains open anyway. :-) > I am attaching an amended version of Sree's /etc/init.d/guixd with the new > group and

Re: Guix binary tarball

2015-05-18 Thread Andreas Enge
Hello, thanks for the work; I would have proposed a patch, but thought the discussion was not yet finished. I am attaching an amended version of Sree's /etc/init.d/guixd with the new group and build user names. Andreas #!/bin/sh ### BEGIN INIT INFO # Provides: guix-daemon # Required-Start: $lo

Re: Guix binary tarball

2015-05-17 Thread Ludovic Courtès
l...@gnu.org (Ludovic Courtès) skribis: > These commits address most of what you reported, I think: > > 175ced4 * install: Use the right user and group name for files in the binary > tarball. > cfc149d * doc: Suggest the same build user and group names as on GuixSD. > d72d05f * doc: Better sugges

Re: Guix binary tarball

2015-05-17 Thread Ludovic Courtès
These commits address most of what you reported, I think: 175ced4 * install: Use the right user and group name for files in the binary tarball. cfc149d * doc: Suggest the same build user and group names as on GuixSD. d72d05f * doc: Better suggestion for the /usr/local/bin/guix symlink. Feedback

Re: Guix binary tarball

2015-05-17 Thread Ludovic Courtès
Mark H Weaver skribis: > Andreas Enge writes: > >>> > Could these directories be left out of the tarball and only their >>> > contents be kept in? >>> No. Maybe we can fix it by using two tar invocations with different >>> --owner. >> >> Well, you never know what permissions the directories hav

Re: Guix binary tarball

2015-05-16 Thread Ludovic Courtès
Andreas Enge skribis: > On Fri, May 15, 2015 at 07:14:04PM +0200, Ludovic Courtès wrote: >> > - The tarball also contains /, /root and /var. When unpacking it, the owner >> > and permissions are changed on the system. >> No. Maybe we can fix it by using two tar invocations with different >> --

Re: Guix binary tarball

2015-05-16 Thread Ludovic Courtès
taylanbayi...@gmail.com (Taylan Ulrich "Bayırlı/Kammer") skribis: > Additionally, it's a best-practice to disable password-authentication > for the root account in sshd_config (Debian 8 proposes it at least) to > prevent the chance of successful brute-force/dictionary attacks. I think the default

Re: Guix binary tarball

2015-05-15 Thread Andreas Enge
On Fri, May 15, 2015 at 07:14:04PM +0200, Ludovic Courtès wrote: > > - The tarball also contains /, /root and /var. When unpacking it, the owner > > and permissions are changed on the system. > No. Maybe we can fix it by using two tar invocations with different > --owner. Hm. Then maybe the doc

Re: Guix binary tarball

2015-05-15 Thread Mark H Weaver
Andreas Enge writes: >> > Could these directories be left out of the tarball and only their >> > contents be kept in? >> No. Maybe we can fix it by using two tar invocations with different >> --owner. > > Well, you never know what permissions the directories have on the target > machine, and the

Re: Guix binary tarball

2015-05-15 Thread Taylan Ulrich Bayırlı/Kammer
Andreas Enge writes: >> > As a consequence, we could not ssh into the machine any more >> > (!). >> I don’t see how this could happen. > > Try "chown 3.30001 $HOME". Then ssh into the machine asks for the > passphrase instead of using the public-private key pair. I believe this is because Op

Re: Guix binary tarball

2015-05-15 Thread Andreas Enge
On Fri, May 15, 2015 at 07:14:04PM +0200, Ludovic Courtès wrote: > What were the symptoms on your machine? Did guix-build{,er} turn out > to have different UID/GID? We did not try it; our first aim was to get back to sshing into the machine (luckily, we still had a terminal open somewhere). Maybe

Re: Guix binary tarball

2015-05-15 Thread Ludovic Courtès
Andreas Enge skribis: > - The files all have owner nixbld and group nixbld, whereas on my own machine, > they are either both root (for /var/guix, /root and /store) or user root, > group guix-builder (for /gnu/store). As that user and group do not exist > on the target system, the numerical

Guix binary tarball

2015-05-15 Thread Andreas Enge
Hello, we just set up guix 0.8.2 via the binary tarball on a machine at work, and experienced a few problems: - The files all have owner nixbld and group nixbld, whereas on my own machine, they are either both root (for /var/guix, /root and /store) or user root, group guix-builder (for /gnu/s