guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using 'system*' instead of 'system' in 'guix environment'


From: Thompson, David
Subject: Re: Using 'system*' instead of 'system' in 'guix environment'
Date: Thu, 8 Oct 2015 08:41:17 -0400

On Thu, Oct 8, 2015 at 3:53 AM, Ludovic Courtès <address@hidden> wrote:
> Hi!
>
> David Thompson <address@hidden> skribis:
>
>> In an effort to finish up a patch to add a --container flag to 'guix
>> environment', I've encountered a serious problem.  The --exec flag
>> allows the user to pass an arbitrary command to be run using 'system'.
>> Unlike 'system*', 'system' spawns a command interpreter first and passes
>> the command string in.  This is very problematic when using a container,
>> because there's a very good chance that the command interpreter of the
>> running Guile process is not mounted inside the container.
>
> Oooh, good catch!
>
> How about using something like:
>
>   (system* (or (the-container-shell) (getenv "SHELL") "/bin/sh")
>            "-c" the-string)

Yes, that could work.  I've tried that but I don't love it.  More
about that below.

>> If the above explanation is confusing, the 'sudo' program provides a
>> good example of the UI I'm after:
>>
>>     sudo guile -c '(do-root-things)'
>
> Or similarly: “ssh HOST some command and arguments”.
>
>> But for now we're stuck with this:
>>
>>     guix environment --ad-hoc guile -E "guile -c '(do-root-things)'"
>>
>> Now, we can't actually do exactly what 'sudo' does because 'guix
>> environment' already recognizes operands as package names, not program
>> arguments.  Perhaps we can use '--' to separate the package list from
>> the command to run:
>>
>>     guix environment --ad-hoc guile -- guile -c '(do-root-things)'
>>
>> Does that look okay?  Any other ideas?
>
> I really like the UI that you propose; using -- to separate the
> arguments sounds good.
>
> I think it’s orthogonal to the question of whether to use ‘system’ or
> not though.
>
> Currently one can do things like:
>
>   guix environment foo -E 'cd /bar ; frob'
>
> and I think we should keep this capability, which means running the
> command via /bin/sh -c (which is what ‘system’ does, but we can use
> ‘system*’ the way I wrote above to achieve that.)
>
> So I think the new UI should essentially ‘string-join’ everything that
> comes after --, and pass that to the procedure that invokes sh -c.

I disagree, and here's why.  Going back to the sudo/ssh example, it's
not possible to do 'cd /bar; frob' naively because this...

    sudo cd /bar; frob

...is two commands.  And this doesn't work either because it's not a
valid string for exec:

    sudo 'cd /bar; frob'

However, we can just do the 'sh -c' trick!

    sudo sh -c 'cd /bar; frob'

This is essentially what you propose having built-in, but I think it
would be best to leave it out.  That way we can simply use 'system*'
and users that want to execute an inline Bash script can do so using
the method they most likely already know about from tools like sudo
and ssh.

    guix environment --ad-hoc guile -- guile -c '(frob)'

    guix environment --ad-hoc guile -- sh -c "cd bar/; guile -c '(frob)'"

This has the additional advantage that the first process created
inside containers will be PID 1, not 2.

Does this counter-proposal sound OK?

- Dave



reply via email to

[Prev in Thread] Current Thread [Next in Thread]