ng0 <[email protected]> skribis: > +@cindex GNUnet > +@cindex gnunet > +@subsubheading GNUnet Service > + > +@deffn {Scheme Variable} gnunet-service-type > +This is the type of the @uref{https://gnunet.org, GNUnet}
Since GNUnet is supposed to be available to unprivileged users via ‘gnunet-arm’, perhaps you could clarify a bit what this does and what the tradeoffs are? [...] > + (user-account > + (name "gnunet") > + (group "gnunet") > + (system? #t) > + (comment "GNUnet system user") > + (home-directory "/var/empty") > + (shell #~(string-append #$shadow "/sbin/nologin"))))) Prefer (file-append shadow "/sbin/nologin"). > +(define gnunet-activation > + (match-lambda > + (($ <gnunet-configuration> package config-file) > + (let ((gnunet > + (file-append package "/lib/gnunet/libexec/gnunet-service-arm"))) > + #~(begin > + (use-modules (guix build utils)) > + (define %user (getpw "gnunet")) > + (mkdir-p "/var/lib/gnunet/") > + (chown "/var/lib/gnunet" (passwd:uid %user) (passwd:gid %user)) > + (chmod "/var/lib/gnunet/" #o600) > + (mkdir-p "/var/lib/gnunet/.local/share/gnunet") > + (mkdir-p "/var/lib/gnunet/.cache/gnunet") > + (mkdir-p "/var/lib/gnunet/.config/gnunet") > + (chmod "/var/lib/gnunet/.config/gnunet" #o600) > + (chmod "/var/lib/gnunet/.cache/gnunet" #o600) > + (chmod "/var/lib/gnunet/.local/share/gnunet" #o600)))))) The .local, .share, and .config sub-directories here look fishy. I’d suggest reporting that as a bug upstream. :-) The rest LGTM! Thanks, Ludo’.
