help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Starting user services at boot


From: Ludovic Courtès
Subject: Re: Starting user services at boot
Date: Mon, 13 Feb 2017 15:01:48 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

ng0 <address@hidden> skribis:

> On 17-02-13 10:30:10, Ludovic Courtès wrote:
>> Hi Leo!
>> 
>> Leo Famulari <address@hidden> skribis:
>> 
>> > Does anyone have advice about how to start an unprivileged user's
>> > services when the system boots?
>> >
>> > On other systems, I could at least invoke them in /etc/rc.local, but I'm
>> > not sure how to do it on GuixSD.
>> 
>> Currently I run shepherd as myself, which reads from
>> ~/.config/shepherd/init.scm.  It gets started from my ~/.xsession.
>> 
>> Admittedly this is a bit of a hack.  It wouldn’t be hard to define
>> per-user Shepherd instances as global Shepherd services in GuixSD, if
>> you see what I mean.
>> 
>> Another option would be to add support for this directly in the
>> Shepherd, which has pros and cons.
>
> What are the pros and cons from your point of view, could you explain this?

The downside is that it would make the Shepherd more complex: it would
have to have a built-in notion of user instances, even though it is not
designed specifically to run as PID 1 initially (you can use it as an
unprivileged user already).

Another downside is that /var/run/shepherd/socket may need to be
accessible to users so they can talk to PID 1.  More generally, there’d
need to be some way to prevent unprivileged users from doing things like
running arbitrary code in PID 1.

The upside would be better integration: if shepherd knows about user
services, then it can show them in ‘herd status’, things like that.

(There’s a similar trade-off for the recently-added support for services
running in containers.)

Thanks,
Ludo’.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]