Guix services, logging, and log rotation

[Katherine Cox-Buday]

Hey Guix!

I'm slowly working on contributing rsyslog with a Guix service. I have just 
arrived at trying to allow the user to specify where the Shepherd service sends 
its log file, and I began thinking about log rotation.

In the manual, SS10.8.3, it says:

> (usually, services that produce log files already take care of that)

I found an excellent example in =hpcguix-web-service-type=. It looks like you 
can achieve this by extending the =rottlog-service-type=?

#+BEGIN_SRC scheme
  (define hpcguix-web-service-type
(service-type
 (name 'hpcguix-web)
 (description "Run the hpcguix-web server.")
 (extensions
  (list (service-extension account-service-type
   (const %hpcguix-web-accounts))
(service-extension activation-service-type
   (const %hpcguix-web-activation))
(service-extension rottlog-service-type
   (const %hpcguix-web-log-rotations))
(service-extension shepherd-root-service-type
   (compose list hpcguix-web-shepherd-service))
#+END_SRC

However, I noticed not all services allow users to specify where log files go, 
or setup log rotation. E.g.:

#+BEGIN_SRC scheme
(define syncthing-service-type
  (service-type (name 'syncthing)
(extensions (list (service-extension shepherd-root-service-type
 
syncthing-shepherd-service)))
(description
 "Run @uref{https://github.com/syncthing/syncthing, Syncthing}
decentralized continuous file system synchronization.")))
#+END_SRC

Are these bugs?

Why don't all services allow you to specify where logs go?

I guess if no log location is specified, it just goes in the master shepherd 
log which is rotated?

Thank you,
--
Katherine

Re: Recommend order for package fields?

[Katherine Cox-Buday]

zimoun  writes:

> And obviously, it could be nice to have an automatic tool for formatting; > 
> something similar as etc/indent-code.el for ordering packages. ;-)

And cleaning up unused imports too! Does such a thing exist for Guile in 
general?

-- 
Katherine

Re: e31d48d and sbcl-cl-https-everywhere: "guix pull" broken

[Pierre Neidhardt]

Good catch, sorry about that.
I believed it to be simple enough, I didn't know about the
sbcl-package->cl-source-package limitation.  The build-system probably
needs a fix.


signature.asc
Description: PGP signature

Re: e31d48d and sbcl-cl-https-everywhere: "guix pull" broken

[zimoun]

Hi,

On Tue, 16 Nov 2021 at 13:33, zimoun  wrote:

> Could you revert or fix as soon as possible?

Probably relevant [1]:

 I found the reason; sbcl-package->cl-source-package assumes all
 inputs are packages

1: 

Cheers,
simon

e31d48d and sbcl-cl-https-everywhere: "guix pull" broken

[zimoun]

Hi Pierre,

This commit e31d48d adding  cl-https-everywhere seems to break "guix
pull" because:

"78d3425aef62d79da2c63c0fcd89ae9837af9a09" recursive?: #f>
#
() 7fffe45d0900>)) (value (# url:
"https://github.com/EFForg/https-everywhere"; commit:
"78d3425aef62d79da2c63c0fcd89ae9837af9a09" recursive?: #f>
#
() 7fffe45d0900>)))

Could you revert or fix as soon as possible?

Cheers,
simon

PS: On a side note, "For patches that just add a new package, and a
simple one, it’s OK to commit", and it does not appear to me "a simple
one". ;-)

Re: "Trojan Source" (CVE-2021-42574 and CVE-2021-42694): can 'guix lint' help someway?

[Giovanni Biscuolo]

Hi!

Ludovic Courtès  writes:

> Giovanni Biscuolo  skribis:
>
>> The details are published here: https://www.trojansource.codes/
>
> [...]
>
>> Is there a way for "guix lint" to check for the listed (other?)
>> "dangerous" codepoints and warn code reviewers?
>
> That would be an expensive operation since that means unpacking the
> source and reading each and every file.  ‘guix lint’ usually does
> inexpensive checks.

[...]

>> Is it possible for the Guix community to start a coordinated effort to
>> analyze all the source code (ever?!?) published in out git repo to check
>> for the presence of this attack?
>
> That sounds unreasonable to me.

OK, thanks all for your replies!

[...]

Ciao, Gio'

-- 
Giovanni Biscuolo

Xelera IT Infrastructures


signature.asc
Description: PGP signature