[PATCH 0/2] Run speakersafetyd as unprivileged user

  • Done
Details
2 participants
  • Maxim Cournoyer
  • Roman Scherer
Owner
unassigned
Submitted by
Roman Scherer
Severity
normal

Roman Scherer wrote on 30 Mar 05:24 -0700
(address . guix-patches@gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
cover.1743337065.git.roman@burningswell.com
Hello Guix,

this patch series updates the speakersafetyd package and its system service to
run as an unprivileged user instead of root. Upstream made this possible
recently [1].

Could you please review the patch series?

Thank you!


Roman Scherer (2):
gnu: speakersafetyd: Update to 1.1.2.
gnu: speakersafetyd: Run as unprivileged user.

doc/guix.texi | 9 ++++++
gnu/packages/rust-apps.scm | 16 +++++------
gnu/services/sound.scm | 57 +++++++++++++++++++++++++++++++++++---
3 files changed, 69 insertions(+), 13 deletions(-)


base-commit: 2ed28b5c24c599b2f9bc60dfc93151cf489ca477
--
2.49.0
Roman Scherer wrote on 30 Mar 05:26 -0700
[PATCH 1/2] gnu: speakersafetyd: Update to 1.1.2.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
92c75e4d057966fdf586b34e34d8b43a7361e006.1743337065.git.roman@burningswell.com
* gnu/packages/rust-apps.scm (speakersafetyd): Update to 1.1.2.

Change-Id: I1c6d7b6080b18bd8228e8b39d1a0b42267e2b7e1
---
gnu/packages/rust-apps.scm | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/gnu/packages/rust-apps.scm b/gnu/packages/rust-apps.scm
index 2f933d836c..1211ccb0c4 100644
--- a/gnu/packages/rust-apps.scm
+++ b/gnu/packages/rust-apps.scm
@@ -3211,14 +3211,14 @@ (define-public sniffglue
(define-public speakersafetyd
(package
(name "speakersafetyd")
- (version "1.0.2")
+ (version "1.1.2")
(source
(origin
(method url-fetch)
(uri (crate-uri "speakersafetyd" version))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
- (base32 "104xgyqhsg2rxa3ndkizrpndibmcbr25h63phcjswadbm8i790bz"))))
+ (base32 "1c4yk8mq8nazshdcasimlgnyhx27wzkad4wzicy5x43grq26b966"))))
(build-system cargo-build-system)
(arguments
(list
@@ -3245,13 +3245,11 @@ (define-public speakersafetyd
((".*SYSTEMD_WANTS.*") ""))))
(add-after 'install 'install-data
(lambda _
- (setenv "BINDIR" (string-append #$output "/bin"))
- (setenv "UNITDIR" (string-append #$output "/lib/systemd/system"))
- (setenv "UDEVDIR" (string-append #$output "/lib/udev/rules.d"))
- (setenv "TMPFILESDIR" (string-append #$output "/usr/lib/tmpfiles.d"))
- (setenv "SHAREDIR" (string-append #$output "/share"))
- (setenv "VARDIR" (string-append #$output "/var"))
- (invoke "make" "install-data"))))))
+ (setenv "DESTDIR" #$output)
+ (setenv "SHAREDIR" "/share")
+ (setenv "SPEAKERSAFETYD_GROUP" "nixbld")
+ (setenv "SPEAKERSAFETYD_USER" "nixbld")
+ (invoke "make" "install"))))))
(inputs (list alsa-lib))
(native-inputs (list pkg-config))
(home-page "https://github.com/AsahiLinux/speakersafetyd/")
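
Review bot: the two `nixbld` values passed as SPEAKERSAFETYD_GROUP and SPEAKERSAFETYD_USER need a comment. As written, a reader cannot tell whether that name ends up in any installed file or is only there so that `make install` succeeds inside the build environment; say which in a one-line comment above the two setenv calls.
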
--
2.49.0
Roman Scherer wrote on 30 Mar 05:26 -0700
[PATCH 2/2] gnu: speakersafetyd: Run as unprivileged user.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
d79db823aa6bcc9b38e0c3877c9a60f4b0096380.1743337065.git.roman@burningswell.com
* gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.

Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
---
doc/guix.texi | 9 +++++++
gnu/services/sound.scm | 57 +++++++++++++++++++++++++++++++++++++++---
2 files changed, 62 insertions(+), 4 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index f6d774fd13..9a6084e994 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -27268,12 +27268,21 @@ Sound Services
The base directory as a G-expression (@pxref{G-Expressions}) that
contains the configuration files of the speaker models.
+@item @code{group} (default: @code{"speakersafetyd"}) (type: string)
+The group to run the Speaker Safety Daemon as.
+
+@item @code{log-file} (default: @code{"/var/log/speakersafetyd.log"}) (type: string)
+The path to the Speaker Safety Daemon log file.
+
@item @code{maximum-gain-reduction} (default: @code{7}) (type: integer)
Maximum gain reduction before panicking, useful for debugging.
@item @code{speakersafetyd} (default: @code{speakersafetyd}) (type: file-like)
The Speaker Safety Daemon package to use.
+@item @code{user} (default: @code{"speakersafetyd"}) (type: string)
+The user to run the Speaker Safety Daemon as.
+
@end table
@end deftp
@c %end of fragment
diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
index fbaa55c553..ac87551a18 100644
--- a/gnu/services/sound.scm
+++ b/gnu/services/sound.scm
@@ -29,10 +29,12 @@ (define-module (gnu services sound)
#:use-module (gnu system shadow)
#:use-module (guix diagnostics)
#:use-module (guix gexp)
+ #:use-module (guix modules)
#:use-module (guix packages)
#:use-module (guix records)
#:use-module (guix store)
#:use-module (guix ui)
+ #:use-module (gnu packages admin)
#:use-module (gnu packages audio)
#:use-module (gnu packages linux)
#:use-module (gnu packages pulseaudio)
@@ -288,16 +290,53 @@ (define-configuration/no-serialization speakersafetyd-configuration
(file-like (file-append speakersafetyd "/share/speakersafetyd"))
"The base directory as a G-expression (@pxref{G-Expressions}) that contains
the configuration files of the speaker models.")
+ (group
+ (string "speakersafetyd")
+ "The group to run the Speaker Safety Daemon as.")
+ (log-file
+ (string "/var/log/speakersafetyd.log")
+ "The path to the Speaker Safety Daemon log file.")
(maximum-gain-reduction
(integer 7)
"Maximum gain reduction before panicking, useful for debugging.")
(speakersafetyd
(file-like speakersafetyd)
- "The Speaker Safety Daemon package to use."))
+ "The Speaker Safety Daemon package to use.")
+ (user
+ (string "speakersafetyd")
+ "The user to run the Speaker Safety Daemon as."))
+
+(define speakersafetyd-accounts
+ (match-record-lambda <speakersafetyd-configuration>
+ (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)
+ (list (user-group
+ (name group)
+ (system? #t))
+ (user-account
+ (name user)
+ (group group)
+ (system? #t)
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin"))
+ (supplementary-groups '("audio"))))))
+
+(define speakersafetyd-activation
+ (match-record-lambda <speakersafetyd-configuration>
+ (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)
+ (with-imported-modules (source-module-closure
+ '((gnu build activation)
+ (guix build utils)))
+ #~(begin
+ (use-modules (gnu build activation))
+ (let ((user (getpwnam #$user)))
+ (mkdir-p/perms "/run/speakersafetyd" user #o755)
+ (mkdir-p/perms "/var/lib/speakersafetyd" user #o755)
+ ;; Blackbox files contain audio recordings and might be sensitive information
+ (mkdir-p/perms #$blackbox-directory user #o700))))))
(define speakersafetyd-shepherd-service
(match-record-lambda <speakersafetyd-configuration>
- (blackbox-directory configuration-directory maximum-gain-reduction speakersafetyd)
+ (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)
(shepherd-service
(documentation "Run the speaker safety daemon")
(provision '(speakersafetyd))
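
Review bot: speakersafetyd-activation only creates and assigns the three directories themselves. On a system where the daemon previously ran as root, files already present under /var/lib/speakersafetyd and the blackbox directory stay owned by root, and a daemon started with `#:user` may no longer be able to read or replace them. Consider adjusting the ownership of existing contents during activation, or document the manual step for upgrades.
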
@@ -306,7 +345,11 @@ (define speakersafetyd-shepherd-service
(list #$(file-append speakersafetyd "/bin/speakersafetyd")
"--config-path" #$configuration-directory
"--blackbox-path" #$blackbox-directory
- "--max-reduction" (number->string #$maximum-gain-reduction))))
+ "--max-reduction" (number->string #$maximum-gain-reduction))
+ #:group #$group
+ #:log-file #$log-file
+ #:supplementary-groups '("audio")
+ #:user #$user))
(stop #~(make-kill-destructor)))))
(define speakersafetyd-service-type
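
Review bot: `#:supplementary-groups '("audio")` repeats the literal already used in the user-account record of speakersafetyd-accounts, so the two can drift apart. Bind the list once (a module-level variable or a configuration field) and reference it in both places.
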
@@ -324,7 +367,13 @@ (define speakersafetyd-service-type
(compose list speakersafetyd-configuration-speakersafetyd))
(service-extension
profile-service-type
- (compose list speakersafetyd-configuration-speakersafetyd))))
+ (compose list speakersafetyd-configuration-speakersafetyd))
+ (service-extension
+ account-service-type
+ speakersafetyd-accounts)
+ (service-extension
+ activation-service-type
+ speakersafetyd-activation)))
(default-value (speakersafetyd-configuration))))
;;; sound.scm ends here
--
2.49.0
Maxim Cournoyer wrote on 3 Apr 03:43 -0700
(name . Roman Scherer)(address . roman@burningswell.com)
87sempzfsk.fsf@gmail.com
Hi,

Roman Scherer <roman@burningswell.com> writes:

> * gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.

Sounds good, perhaps also mention it adds a log file (is this related to
this change?).

[...]

> +(define speakersafetyd-accounts
> + (match-record-lambda <speakersafetyd-configuration>
> + (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)

Please break this and next long lines into something that fits < 80
characters. You can use the Emacs indentation hack to do so and leave a
space after the opening parens to ensure it gets indented as data and
not a procedure:

  ( blackbox-directory configuration-directory ...
    speakersafetyd user)

> + (list (user-group
> + (name group)
> + (system? #t))
> + (user-account
> + (name user)
> + (group group)
> + (system? #t)
> + (home-directory "/var/empty")
> + (shell (file-append shadow "/sbin/nologin"))
> + (supplementary-groups '("audio"))))))
> +
> +(define speakersafetyd-activation
> + (match-record-lambda <speakersafetyd-configuration>
> + (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)

Line width > 80 columns.

> + (with-imported-modules (source-module-closure
> + '((gnu build activation)
> + (guix build utils)))

Looks like you only use (gnu build activation), not (guix build utils)
in the below snippet.

> + #~(begin
> + (use-modules (gnu build activation))
> + (let ((user (getpwnam #$user)))
> + (mkdir-p/perms "/run/speakersafetyd" user #o755)
> + (mkdir-p/perms "/var/lib/speakersafetyd" user #o755)
> + ;; Blackbox files contain audio recordings and might be sensitive information
> + (mkdir-p/perms #$blackbox-directory user #o700))))))
>
> (define speakersafetyd-shepherd-service
> (match-record-lambda <speakersafetyd-configuration>
> - (blackbox-directory configuration-directory maximum-gain-reduction speakersafetyd)
> + (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)

Line width > 80 columns.

> (shepherd-service
> (documentation "Run the speaker safety daemon")
> (provision '(speakersafetyd))
> @@ -306,7 +345,11 @@ (define speakersafetyd-shepherd-service
> (list #$(file-append speakersafetyd "/bin/speakersafetyd")
> "--config-path" #$configuration-directory
> "--blackbox-path" #$blackbox-directory
> - "--max-reduction" (number->string #$maximum-gain-reduction))))
> + "--max-reduction" (number->string #$maximum-gain-reduction))
> + #:group #$group
> + #:log-file #$log-file
> + #:supplementary-groups '("audio")
> + #:user #$user))
> (stop #~(make-kill-destructor)))))
>
> (define speakersafetyd-service-type
> @@ -324,7 +367,13 @@ (define speakersafetyd-service-type
> (compose list speakersafetyd-configuration-speakersafetyd))
> (service-extension
> profile-service-type
> - (compose list speakersafetyd-configuration-speakersafetyd))))
> + (compose list speakersafetyd-configuration-speakersafetyd))
> + (service-extension
> + account-service-type
> + speakersafetyd-accounts)
> + (service-extension
> + activation-service-type
> + speakersafetyd-activation)))

nitpick but I like to put at least one argument on the same line unless
respecting the 80 columns max width is challenging, as in:

(service-extension account-service-type
speakersafetyd-accounts)

etc.

Other than these tiny details, it LGTM. Could you please send a v2?

--
Thanks,
Maxim
Roman Scherer wrote on 3 Apr 08:44 -0700
[PATCH v2 1/3] gnu: speakersafetyd: Update to 1.1.2.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
92c75e4d057966fdf586b34e34d8b43a7361e006.1743695029.git.roman@burningswell.com
* gnu/packages/rust-apps.scm (speakersafetyd): Update to 1.1.2.

Change-Id: I1c6d7b6080b18bd8228e8b39d1a0b42267e2b7e1
---
gnu/packages/rust-apps.scm | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/gnu/packages/rust-apps.scm b/gnu/packages/rust-apps.scm
index 2f933d836c..1211ccb0c4 100644
--- a/gnu/packages/rust-apps.scm
+++ b/gnu/packages/rust-apps.scm
@@ -3211,14 +3211,14 @@ (define-public sniffglue
(define-public speakersafetyd
(package
(name "speakersafetyd")
- (version "1.0.2")
+ (version "1.1.2")
(source
(origin
(method url-fetch)
(uri (crate-uri "speakersafetyd" version))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
- (base32 "104xgyqhsg2rxa3ndkizrpndibmcbr25h63phcjswadbm8i790bz"))))
+ (base32 "1c4yk8mq8nazshdcasimlgnyhx27wzkad4wzicy5x43grq26b966"))))
(build-system cargo-build-system)
(arguments
(list
@@ -3245,13 +3245,11 @@ (define-public speakersafetyd
((".*SYSTEMD_WANTS.*") ""))))
(add-after 'install 'install-data
(lambda _
- (setenv "BINDIR" (string-append #$output "/bin"))
- (setenv "UNITDIR" (string-append #$output "/lib/systemd/system"))
- (setenv "UDEVDIR" (string-append #$output "/lib/udev/rules.d"))
- (setenv "TMPFILESDIR" (string-append #$output "/usr/lib/tmpfiles.d"))
- (setenv "SHAREDIR" (string-append #$output "/share"))
- (setenv "VARDIR" (string-append #$output "/var"))
- (invoke "make" "install-data"))))))
+ (setenv "DESTDIR" #$output)
+ (setenv "SHAREDIR" "/share")
+ (setenv "SPEAKERSAFETYD_GROUP" "nixbld")
+ (setenv "SPEAKERSAFETYD_USER" "nixbld")
+ (invoke "make" "install"))))))
(inputs (list alsa-lib))
(native-inputs (list pkg-config))
(home-page "https://github.com/AsahiLinux/speakersafetyd/")
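
Review bot: the phase added after 'install is still named 'install-data, but its last line now runs `make install` instead of `make install-data`. Rename the phase to match, or add a comment saying what the `install` target places under DESTDIR that the cargo install phase has not already installed.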

base-commit: 2ed28b5c24c599b2f9bc60dfc93151cf489ca477
--
2.49.0
Roman Scherer wrote on 3 Apr 08:44 -0700
[PATCH v2 2/3] gnu: speakersafetyd: Run as unprivileged user.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
2788a4ea937715053ca7210a52ed0be3976fd0b6.1743695029.git.roman@burningswell.com
* gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.
* doc/guix.texi: Document user and group fields.

Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
---
doc/guix.texi | 6 +++++
gnu/services/sound.scm | 53 ++++++++++++++++++++++++++++++++++++++----
2 files changed, 55 insertions(+), 4 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index f6d774fd13..a0f2a83c36 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -27268,12 +27268,18 @@ Sound Services
The base directory as a G-expression (@pxref{G-Expressions}) that
contains the configuration files of the speaker models.
+@item @code{group} (default: @code{"speakersafetyd"}) (type: string)
+The group to run the Speaker Safety Daemon as.
+
@item @code{maximum-gain-reduction} (default: @code{7}) (type: integer)
Maximum gain reduction before panicking, useful for debugging.
@item @code{speakersafetyd} (default: @code{speakersafetyd}) (type: file-like)
The Speaker Safety Daemon package to use.
+@item @code{user} (default: @code{"speakersafetyd"}) (type: string)
+The user to run the Speaker Safety Daemon as.
+
@end table
@end deftp
@c %end of fragment
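
Review bot: the `group` and `user` entries say only which identity the daemon runs as. The service also declares both as system accounts and puts the user in the `audio` supplementary group (see speakersafetyd-accounts in the sound.scm part of this patch); state that here so that anyone overriding the defaults knows an account with that name will be declared by the service.
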
diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
index fbaa55c553..e5c26e2495 100644
--- a/gnu/services/sound.scm
+++ b/gnu/services/sound.scm
@@ -29,10 +29,12 @@ (define-module (gnu services sound)
#:use-module (gnu system shadow)
#:use-module (guix diagnostics)
#:use-module (guix gexp)
+ #:use-module (guix modules)
#:use-module (guix packages)
#:use-module (guix records)
#:use-module (guix store)
#:use-module (guix ui)
+ #:use-module (gnu packages admin)
#:use-module (gnu packages audio)
#:use-module (gnu packages linux)
#:use-module (gnu packages pulseaudio)
@@ -288,16 +290,52 @@ (define-configuration/no-serialization speakersafetyd-configuration
(file-like (file-append speakersafetyd "/share/speakersafetyd"))
"The base directory as a G-expression (@pxref{G-Expressions}) that contains
the configuration files of the speaker models.")
+ (group
+ (string "speakersafetyd")
+ "The group to run the Speaker Safety Daemon as.")
(maximum-gain-reduction
(integer 7)
"Maximum gain reduction before panicking, useful for debugging.")
(speakersafetyd
(file-like speakersafetyd)
- "The Speaker Safety Daemon package to use."))
+ "The Speaker Safety Daemon package to use.")
+ (user
+ (string "speakersafetyd")
+ "The user to run the Speaker Safety Daemon as."))
+
+(define speakersafetyd-accounts
+ (match-record-lambda <speakersafetyd-configuration>
+ ( blackbox-directory configuration-directory group
+ maximum-gain-reduction speakersafetyd user)
+ (list (user-group
+ (name group)
+ (system? #t))
+ (user-account
+ (name user)
+ (group group)
+ (system? #t)
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin"))
+ (supplementary-groups '("audio"))))))
+
+(define speakersafetyd-activation
+ (match-record-lambda <speakersafetyd-configuration>
+ ( blackbox-directory configuration-directory group
+ maximum-gain-reduction speakersafetyd user)
+ (with-imported-modules (source-module-closure '((gnu build activation)))
+ #~(begin
+ (use-modules (gnu build activation))
+ (let ((user (getpwnam #$user)))
+ (mkdir-p/perms "/run/speakersafetyd" user #o755)
+ (mkdir-p/perms "/var/lib/speakersafetyd" user #o755)
+ ;; Blackbox files contain audio recordings and might be sensitive
+ ;; information
+ (mkdir-p/perms #$blackbox-directory user #o700))))))
(define speakersafetyd-shepherd-service
(match-record-lambda <speakersafetyd-configuration>
- (blackbox-directory configuration-directory maximum-gain-reduction speakersafetyd)
+ ( blackbox-directory configuration-directory group
+ maximum-gain-reduction speakersafetyd user)
(shepherd-service
(documentation "Run the speaker safety daemon")
(provision '(speakersafetyd))
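
Review bot: in speakersafetyd-activation, /run/speakersafetyd and /var/lib/speakersafetyd are created with #o755 while the blackbox directory gets #o700. If no other user has to read the daemon's state, #o750 or #o700 on these two as well keeps the service's files to its own account; otherwise a comment naming the reader would justify the wider mode.
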
@@ -306,7 +344,10 @@ (define speakersafetyd-shepherd-service
(list #$(file-append speakersafetyd "/bin/speakersafetyd")
"--config-path" #$configuration-directory
"--blackbox-path" #$blackbox-directory
- "--max-reduction" (number->string #$maximum-gain-reduction))))
+ "--max-reduction" (number->string #$maximum-gain-reduction))
+ #:group #$group
+ #:supplementary-groups '("audio")
+ #:user #$user))
(stop #~(make-kill-destructor)))))
(define speakersafetyd-service-type
@@ -324,7 +365,11 @@ (define speakersafetyd-service-type
(compose list speakersafetyd-configuration-speakersafetyd))
(service-extension
profile-service-type
- (compose list speakersafetyd-configuration-speakersafetyd))))
+ (compose list speakersafetyd-configuration-speakersafetyd))
+ (service-extension account-service-type
+ speakersafetyd-accounts)
+ (service-extension activation-service-type
+ speakersafetyd-activation)))
(default-value (speakersafetyd-configuration))))
;;; sound.scm ends here
--
2.49.0
Roman Scherer wrote on 3 Apr 08:44 -0700
[PATCH v2 3/3] gnu: speakersafetyd: Add log file.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
5ba23c403131cee486e54fd2c8dfcd21d2bf3b6f.1743695029.git.roman@burningswell.com
* gnu/services/sound.scm (speakersafetyd): Add log file.
* doc/guix.texi: Document log-file field.

Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
---
doc/guix.texi | 3 +++
gnu/services/sound.scm | 10 +++++++---
2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index a0f2a83c36..9a6084e994 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -27271,6 +27271,9 @@ Sound Services
@item @code{group} (default: @code{"speakersafetyd"}) (type: string)
The group to run the Speaker Safety Daemon as.
+@item @code{log-file} (default: @code{"/var/log/speakersafetyd.log"}) (type: string)
+The path to the Speaker Safety Daemon log file.
+
@item @code{maximum-gain-reduction} (default: @code{7}) (type: integer)
Maximum gain reduction before panicking, useful for debugging.
diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
index e5c26e2495..39b5d043a3 100644
--- a/gnu/services/sound.scm
+++ b/gnu/services/sound.scm
@@ -293,6 +293,9 @@ (define-configuration/no-serialization speakersafetyd-configuration
(group
(string "speakersafetyd")
"The group to run the Speaker Safety Daemon as.")
+ (log-file
+ (string "/var/log/speakersafetyd.log")
+ "The path to the Speaker Safety Daemon log file.")
(maximum-gain-reduction
(integer 7)
"Maximum gain reduction before panicking, useful for debugging.")
@@ -305,7 +308,7 @@ (define-configuration/no-serialization speakersafetyd-configuration
(define speakersafetyd-accounts
(match-record-lambda <speakersafetyd-configuration>
- ( blackbox-directory configuration-directory group
+ ( blackbox-directory configuration-directory group log-file
maximum-gain-reduction speakersafetyd user)
(list (user-group
(name group)
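
Review bot: `log-file` is added to the field list of speakersafetyd-accounts here, and to speakersafetyd-activation in the next hunk, but only the `#:log-file` argument in speakersafetyd-shepherd-service uses it. Leave these two field lists unchanged and bind `log-file` only where it is consumed.
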
@@ -320,7 +323,7 @@ (define speakersafetyd-accounts
(define speakersafetyd-activation
(match-record-lambda <speakersafetyd-configuration>
- ( blackbox-directory configuration-directory group
+ ( blackbox-directory configuration-directory group log-file
maximum-gain-reduction speakersafetyd user)
(with-imported-modules (source-module-closure '((gnu build activation)))
#~(begin
@@ -334,7 +337,7 @@ (define speakersafetyd-activation
(define speakersafetyd-shepherd-service
(match-record-lambda <speakersafetyd-configuration>
- ( blackbox-directory configuration-directory group
+ ( blackbox-directory configuration-directory group log-file
maximum-gain-reduction speakersafetyd user)
(shepherd-service
(documentation "Run the speaker safety daemon")
@@ -346,6 +349,7 @@ (define speakersafetyd-shepherd-service
"--blackbox-path" #$blackbox-directory
"--max-reduction" (number->string #$maximum-gain-reduction))
#:group #$group
+ #:log-file #$log-file
#:supplementary-groups '("audio")
#:user #$user))
(stop #~(make-kill-destructor)))))
--
2.49.0
Roman Scherer wrote on 3 Apr 08:47 -0700
Re: [bug#77383] [PATCH 2/2] gnu: speakersafetyd: Run as unprivileged user.
(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)
86iknl2qo8.fsf@burningswell.com
Hi Maxim,

thanks for the review. I just sent a v2 of the patch series.

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi,
>
> Roman Scherer <roman@burningswell.com> writes:
>
>> * gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.
>
> Sounds good, perhaps also mention it adds a log file (is this related to
> this change?).

No, it's not related. I split the log file into another commit.

> [...]
>
>> +(define speakersafetyd-accounts
>> + (match-record-lambda <speakersafetyd-configuration>
>> + (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)
>
> Please break this and next long lines into something that fits < 80
> characters. You can use the Emacs indentation hack to do so and leave a
> space after the opening parens to ensure it gets indented as data and
> not a procedure:
>
> ( blackbox-directory configuration-directory ...
> speakersafetyd user)
>

Interesting, didn't know about this Emacs indentation hack.

>> + (list (user-group
>> + (name group)
>> + (system? #t))
>> + (user-account
>> + (name user)
>> + (group group)
>> + (system? #t)
>> + (home-directory "/var/empty")
>> + (shell (file-append shadow "/sbin/nologin"))
>> + (supplementary-groups '("audio"))))))
>> +
>> +(define speakersafetyd-activation
>> + (match-record-lambda <speakersafetyd-configuration>
>> + (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)
>
> Line width > 80 columns.
>
>> + (with-imported-modules (source-module-closure
>> + '((gnu build activation)
>> + (guix build utils)))
>
> Looks like you only use (gnu build activation), not (guix build utils)
> in the below snippet.
>
>> + #~(begin
>> + (use-modules (gnu build activation))
>> + (let ((user (getpwnam #$user)))
>> + (mkdir-p/perms "/run/speakersafetyd" user #o755)
>> + (mkdir-p/perms "/var/lib/speakersafetyd" user #o755)
>> + ;; Blackbox files contain audio recordings and might be sensitive information
>> + (mkdir-p/perms #$blackbox-directory user #o700))))))
>>
>> (define speakersafetyd-shepherd-service
>> (match-record-lambda <speakersafetyd-configuration>
>> - (blackbox-directory configuration-directory maximum-gain-reduction speakersafetyd)
>> + (blackbox-directory configuration-directory group log-file maximum-gain-reduction speakersafetyd user)
>
> Line width > 80 columns.
>
>> (shepherd-service
>> (documentation "Run the speaker safety daemon")
>> (provision '(speakersafetyd))
>> @@ -306,7 +345,11 @@ (define speakersafetyd-shepherd-service
>> (list #$(file-append speakersafetyd "/bin/speakersafetyd")
>> "--config-path" #$configuration-directory
>> "--blackbox-path" #$blackbox-directory
>> - "--max-reduction" (number->string #$maximum-gain-reduction))))
>> + "--max-reduction" (number->string #$maximum-gain-reduction))
>> + #:group #$group
>> + #:log-file #$log-file
>> + #:supplementary-groups '("audio")
>> + #:user #$user))
>> (stop #~(make-kill-destructor)))))
>>
>> (define speakersafetyd-service-type
>> @@ -324,7 +367,13 @@ (define speakersafetyd-service-type
>> (compose list speakersafetyd-configuration-speakersafetyd))
>> (service-extension
>> profile-service-type
>> - (compose list speakersafetyd-configuration-speakersafetyd))))
>> + (compose list speakersafetyd-configuration-speakersafetyd))
>> + (service-extension
>> + account-service-type
>> + speakersafetyd-accounts)
>> + (service-extension
>> + activation-service-type
>> + speakersafetyd-activation)))
>
> nitpick but I like to put at least one argument on the same line unless
> respecting the 80 columns max width is challenging, as in:
>
> --8<---------------cut here---------------start------------->8---
> (service-extension account-service-type
> speakersafetyd-accounts)
> --8<---------------cut here---------------end--------------->8---
>
> etc.
>
> Other than these tiny details, it LGTM. Could you please send a v2?
Maxim Cournoyer wrote on 7 Apr 19:09 -0700
Re: [bug#77383] [PATCH v2 1/3] gnu: speakersafetyd: Update to 1.1.2.
(name . Roman Scherer)(address . roman@burningswell.com)
87ldsbz9nt.fsf@gmail.com
Hi Roman,

2nd pass over this series.

Roman Scherer <roman@burningswell.com> writes:

> * gnu/packages/rust-apps.scm (speakersafetyd): Update to 1.1.2.
>
> Change-Id: I1c6d7b6080b18bd8228e8b39d1a0b42267e2b7e1

[...]

> - (setenv "BINDIR" (string-append #$output "/bin"))
> - (setenv "UNITDIR" (string-append #$output "/lib/systemd/system"))
> - (setenv "UDEVDIR" (string-append #$output "/lib/udev/rules.d"))
> - (setenv "TMPFILESDIR" (string-append #$output "/usr/lib/tmpfiles.d"))
> - (setenv "SHAREDIR" (string-append #$output "/share"))
> - (setenv "VARDIR" (string-append #$output "/var"))
> - (invoke "make" "install-data"))))))
> + (setenv "DESTDIR" #$output)
> + (setenv "SHAREDIR" "/share")
> + (setenv "SPEAKERSAFETYD_GROUP" "nixbld")
> + (setenv "SPEAKERSAFETYD_USER" "nixbld")

Since these are just setting environment variables, which are stateful,
there's no need to override the install phase, it can go in a
'prepare-to-install or similarly named phase ordered before 'install.

--
Thanks,
Maxim
Maxim Cournoyer wrote on 7 Apr 19:13 -0700
Re: [bug#77383] [PATCH v2 2/3] gnu: speakersafetyd: Run as unprivileged user.
(name . Roman Scherer)(address . roman@burningswell.com)
87h62zz9hs.fsf@gmail.com
Hi,

Roman Scherer <roman@burningswell.com> writes:

> * gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.
> * doc/guix.texi: Document user and group fields.
>
> Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2

[...]

> +(define speakersafetyd-accounts
> + (match-record-lambda <speakersafetyd-configuration>
> + ( blackbox-directory configuration-directory group
> + maximum-gain-reduction speakersafetyd user)

You don't need to list all the fields when using match-record, and I
assume match-record-lambda as well. Here only `group' and `user'
appear useful.

> + (list (user-group
> + (name group)
> + (system? #t))
> + (user-account
> + (name user)
> + (group group)
> + (system? #t)
> + (home-directory "/var/empty")
> + (shell (file-append shadow "/sbin/nologin"))
> + (supplementary-groups '("audio"))))))
> +
> +(define speakersafetyd-activation
> + (match-record-lambda <speakersafetyd-configuration>
> + ( blackbox-directory configuration-directory group
> + maximum-gain-reduction speakersafetyd user)

Likewise.

> + (with-imported-modules (source-module-closure '((gnu build activation)))
> + #~(begin
> + (use-modules (gnu build activation))
> + (let ((user (getpwnam #$user)))
> + (mkdir-p/perms "/run/speakersafetyd" user #o755)
> + (mkdir-p/perms "/var/lib/speakersafetyd" user #o755)
> + ;; Blackbox files contain audio recordings and might be sensitive
> + ;; information
> + (mkdir-p/perms #$blackbox-directory user #o700))))))
>
> (define speakersafetyd-shepherd-service
> (match-record-lambda <speakersafetyd-configuration>
> - (blackbox-directory configuration-directory maximum-gain-reduction speakersafetyd)
> + ( blackbox-directory configuration-directory group
> + maximum-gain-reduction speakersafetyd user)
> (shepherd-service
> (documentation "Run the speaker safety daemon")
> (provision '(speakersafetyd))
> @@ -306,7 +344,10 @@ (define speakersafetyd-shepherd-service
> (list #$(file-append speakersafetyd "/bin/speakersafetyd")
> "--config-path" #$configuration-directory
> "--blackbox-path" #$blackbox-directory
> - "--max-reduction" (number->string #$maximum-gain-reduction))))
> + "--max-reduction" (number->string #$maximum-gain-reduction))
> + #:group #$group
> + #:supplementary-groups '("audio")
> + #:user #$user))
> (stop #~(make-kill-destructor)))))

Note for a future improvement: we also have a least-authority-wrapper
defined in (guix least-authority) that can wrap a binary to have it run
in a Linux container, to further sandbox the process.

--
Thanks,
Maxim
Maxim Cournoyer wrote on 7 Apr 19:15 -0700
Re: [bug#77383] [PATCH v2 3/3] gnu: speakersafetyd: Add log file.
(name . Roman Scherer)(address . roman@burningswell.com)
87cydnz9e8.fsf@gmail.com
Hi,

Roman Scherer <roman@burningswell.com> writes:

> * gnu/services/sound.scm (speakersafetyd): Add log file.
> * doc/guix.texi: Document log-file field.
>
> Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
> ---
> doc/guix.texi | 3 +++
> gnu/services/sound.scm | 10 +++++++---
> 2 files changed, 10 insertions(+), 3 deletions(-)
>
> diff --git a/doc/guix.texi b/doc/guix.texi
> index a0f2a83c36..9a6084e994 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi
> @@ -27271,6 +27271,9 @@ Sound Services
> @item @code{group} (default: @code{"speakersafetyd"}) (type: string)
> The group to run the Speaker Safety Daemon as.
>
> +@item @code{log-file} (default: @code{"/var/log/speakersafetyd.log"}) (type: string)
> +The path to the Speaker Safety Daemon log file.
> +
> @item @code{maximum-gain-reduction} (default: @code{7}) (type: integer)
> Maximum gain reduction before panicking, useful for debugging.
>
> diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
> index e5c26e2495..39b5d043a3 100644
> --- a/gnu/services/sound.scm
> +++ b/gnu/services/sound.scm
> @@ -293,6 +293,9 @@ (define-configuration/no-serialization speakersafetyd-configuration
> (group
> (string "speakersafetyd")
> "The group to run the Speaker Safety Daemon as.")
> + (log-file
> + (string "/var/log/speakersafetyd.log")
> + "The path to the Speaker Safety Daemon log file.")

The convention in GNU is to use 'path' only for search paths; the
preferred term for file names is 'file name'.

> (maximum-gain-reduction
> (integer 7)
> "Maximum gain reduction before panicking, useful for debugging.")
> @@ -305,7 +308,7 @@ (define-configuration/no-serialization speakersafetyd-configuration
>
> (define speakersafetyd-accounts
> (match-record-lambda <speakersafetyd-configuration>
> - ( blackbox-directory configuration-directory group
> + ( blackbox-directory configuration-directory group log-file
> maximum-gain-reduction speakersafetyd user)
> (list (user-group
> (name group)
> @@ -320,7 +323,7 @@ (define speakersafetyd-accounts
>
> (define speakersafetyd-activation
> (match-record-lambda <speakersafetyd-configuration>
> - ( blackbox-directory configuration-directory group
> + ( blackbox-directory configuration-directory group log-file
> maximum-gain-reduction speakersafetyd user)
> (with-imported-modules (source-module-closure '((gnu build activation)))
> #~(begin
> @@ -334,7 +337,7 @@ (define speakersafetyd-activation
>
> (define speakersafetyd-shepherd-service
> (match-record-lambda <speakersafetyd-configuration>
> - ( blackbox-directory configuration-directory group
> + ( blackbox-directory configuration-directory group log-file
> maximum-gain-reduction speakersafetyd user)

As mentioned earlier, make sure to expose only the fields needed in the
above match-record-lambda forms.

> (shepherd-service
> (documentation "Run the speaker safety daemon")
> @@ -346,6 +349,7 @@ (define speakersafetyd-shepherd-service
> "--blackbox-path" #$blackbox-directory
> "--max-reduction" (number->string #$maximum-gain-reduction))
> #:group #$group
> + #:log-file #$log-file
> #:supplementary-groups '("audio")
> #:user #$user))
> (stop #~(make-kill-destructor)))))

Otherwise, LGTM!

Could you send a hopefully final v3?

--
Thanks,
Maxim
Roman Scherer wrote on 9 Apr 10:26 -0700
[PATCH v3 1/3] gnu: speakersafetyd: Update to 1.1.2.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
58e6296eb44b3e82e5d6367ae85b681463a38613.1744217514.git.roman@burningswell.com
* gnu/packages/rust-apps.scm (speakersafetyd): Update to 1.1.2.

Change-Id: I1c6d7b6080b18bd8228e8b39d1a0b42267e2b7e1
---
gnu/packages/rust-apps.scm | 18 ++++++++----------
1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/gnu/packages/rust-apps.scm b/gnu/packages/rust-apps.scm
index 2f933d836c..4d9430e5da 100644
--- a/gnu/packages/rust-apps.scm
+++ b/gnu/packages/rust-apps.scm
@@ -3211,14 +3211,14 @@ (define-public sniffglue
(define-public speakersafetyd
(package
(name "speakersafetyd")
- (version "1.0.2")
+ (version "1.1.2")
(source
(origin
(method url-fetch)
(uri (crate-uri "speakersafetyd" version))
(file-name (string-append name "-" version ".tar.gz"))
(sha256
- (base32 "104xgyqhsg2rxa3ndkizrpndibmcbr25h63phcjswadbm8i790bz"))))
+ (base32 "1c4yk8mq8nazshdcasimlgnyhx27wzkad4wzicy5x43grq26b966"))))
(build-system cargo-build-system)
(arguments
(list
@@ -3243,15 +3243,13 @@ (define-public speakersafetyd
(lambda _
(substitute* "95-speakersafetyd.rules"
((".*SYSTEMD_WANTS.*") ""))))
- (add-after 'install 'install-data
+ (add-before 'install 'prepare-to-install
(lambda _
- (setenv "BINDIR" (string-append #$output "/bin"))
- (setenv "UNITDIR" (string-append #$output "/lib/systemd/system"))
- (setenv "UDEVDIR" (string-append #$output "/lib/udev/rules.d"))
- (setenv "TMPFILESDIR" (string-append #$output "/usr/lib/tmpfiles.d"))
- (setenv "SHAREDIR" (string-append #$output "/share"))
- (setenv "VARDIR" (string-append #$output "/var"))
- (invoke "make" "install-data"))))))
+ (setenv "DESTDIR" #$output)
+ (setenv "SHAREDIR" "/share")
+ (setenv "SPEAKERSAFETYD_GROUP" "nixbld")
+ (setenv "SPEAKERSAFETYD_USER" "nixbld")
+ (invoke "make" "install"))))))
(inputs (list alsa-lib))
(native-inputs (list pkg-config))
(home-page "https://github.com/AsahiLinux/speakersafetyd/")
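
Review bot: SPEAKERSAFETYD_GROUP and SPEAKERSAFETYD_USER are set to "nixbld" in the new 'prepare-to-install phase without a comment, so a reader cannot tell whether this is only a build-time owner for "make install" or is meant to relate to the runtime account added in patch 2/3; a one-line comment above the two setenv calls would settle it. The phase is also named 'prepare-to-install and placed before 'install, yet it runs "make install" itself, so a name that says it installs would be more accurate. Finally, the removed lines pinned BINDIR, UNITDIR, UDEVDIR, TMPFILESDIR and VARDIR explicitly; with only DESTDIR and SHAREDIR set now, please confirm that every installed file still lands where intended inside the output.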

base-commit: f0c0769189d11debf7b237a02695c44c9773d52a
--
2.49.0
Roman Scherer wrote on 9 Apr 10:26 -0700
[PATCH v3 2/3] gnu: speakersafetyd: Run as unprivileged user.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
140f135aa4f94ad69765f7c2a7b38684342ca382.1744217514.git.roman@burningswell.com
* gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.

Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
---
doc/guix.texi | 6 +++++
gnu/services/sound.scm | 51 ++++++++++++++++++++++++++++++++++++++----
2 files changed, 53 insertions(+), 4 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index bee80cd4e2..6acbf1ba55 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -27267,12 +27267,18 @@ Sound Services
The base directory as a G-expression (@pxref{G-Expressions}) that
contains the configuration files of the speaker models.
+@item @code{group} (default: @code{"speakersafetyd"}) (type: string)
+The group to run the Speaker Safety Daemon as.
+
@item @code{maximum-gain-reduction} (default: @code{7}) (type: integer)
Maximum gain reduction before panicking, useful for debugging.
@item @code{speakersafetyd} (default: @code{speakersafetyd}) (type: file-like)
The Speaker Safety Daemon package to use.
+@item @code{user} (default: @code{"speakersafetyd"}) (type: string)
+The user to run the Speaker Safety Daemon as.
+
@end table
@end deftp
@c %end of fragment
diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
index fbaa55c553..0558d4fce8 100644
--- a/gnu/services/sound.scm
+++ b/gnu/services/sound.scm
@@ -29,10 +29,12 @@ (define-module (gnu services sound)
#:use-module (gnu system shadow)
#:use-module (guix diagnostics)
#:use-module (guix gexp)
+ #:use-module (guix modules)
#:use-module (guix packages)
#:use-module (guix records)
#:use-module (guix store)
#:use-module (guix ui)
+ #:use-module (gnu packages admin)
#:use-module (gnu packages audio)
#:use-module (gnu packages linux)
#:use-module (gnu packages pulseaudio)
@@ -288,16 +290,50 @@ (define-configuration/no-serialization speakersafetyd-configuration
(file-like (file-append speakersafetyd "/share/speakersafetyd"))
"The base directory as a G-expression (@pxref{G-Expressions}) that contains
the configuration files of the speaker models.")
+ (group
+ (string "speakersafetyd")
+ "The group to run the Speaker Safety Daemon as.")
(maximum-gain-reduction
(integer 7)
"Maximum gain reduction before panicking, useful for debugging.")
(speakersafetyd
(file-like speakersafetyd)
- "The Speaker Safety Daemon package to use."))
+ "The Speaker Safety Daemon package to use.")
+ (user
+ (string "speakersafetyd")
+ "The user to run the Speaker Safety Daemon as."))
+
+(define speakersafetyd-accounts
+ (match-record-lambda <speakersafetyd-configuration>
+ (group user)
+ (list (user-group
+ (name group)
+ (system? #t))
+ (user-account
+ (name user)
+ (group group)
+ (system? #t)
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin"))
+ (supplementary-groups '("audio"))))))
+
+(define speakersafetyd-activation
+ (match-record-lambda <speakersafetyd-configuration>
+ (blackbox-directory group user)
+ (with-imported-modules (source-module-closure '((gnu build activation)))
+ #~(begin
+ (use-modules (gnu build activation))
+ (let ((user (getpwnam #$user)))
+ (mkdir-p/perms "/run/speakersafetyd" user #o755)
+ (mkdir-p/perms "/var/lib/speakersafetyd" user #o755)
+ ;; Blackbox files contain audio recordings and might be sensitive
+ ;; information
+ (mkdir-p/perms #$blackbox-directory user #o700))))))
(define speakersafetyd-shepherd-service
(match-record-lambda <speakersafetyd-configuration>
- (blackbox-directory configuration-directory maximum-gain-reduction speakersafetyd)
+ ( blackbox-directory configuration-directory group
+ maximum-gain-reduction speakersafetyd user)
(shepherd-service
(documentation "Run the speaker safety daemon")
(provision '(speakersafetyd))
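
Review bot: speakersafetyd-activation binds (blackbox-directory group user) but the body shown uses only blackbox-directory and user, so 'group' can be dropped there, in line with the earlier request to list only the needed fields. The three mkdir-p/perms calls act on the directories themselves; when a blackbox directory is left over from the service running as root, nothing in this hunk touches the files already inside it, so it is worth saying (or handling) how those become accessible to the new user. The comment above the #o700 call would read better as "might contain sensitive information." with a closing period.
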
@@ -306,7 +342,10 @@ (define speakersafetyd-shepherd-service
(list #$(file-append speakersafetyd "/bin/speakersafetyd")
"--config-path" #$configuration-directory
"--blackbox-path" #$blackbox-directory
- "--max-reduction" (number->string #$maximum-gain-reduction))))
+ "--max-reduction" (number->string #$maximum-gain-reduction))
+ #:group #$group
+ #:supplementary-groups '("audio")
+ #:user #$user))
(stop #~(make-kill-destructor)))))
(define speakersafetyd-service-type
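
Review bot: #:supplementary-groups '("audio") repeats the literal already given to the user-account in speakersafetyd-accounts, while 'user' and 'group' next to it come from the configuration. Two hard-coded copies can drift apart; consider a single definition that both places use, or a configuration field if the list is meant to be adjustable.
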
@@ -324,7 +363,11 @@ (define speakersafetyd-service-type
(compose list speakersafetyd-configuration-speakersafetyd))
(service-extension
profile-service-type
- (compose list speakersafetyd-configuration-speakersafetyd))))
+ (compose list speakersafetyd-configuration-speakersafetyd))
+ (service-extension account-service-type
+ speakersafetyd-accounts)
+ (service-extension activation-service-type
+ speakersafetyd-activation)))
(default-value (speakersafetyd-configuration))))
;;; sound.scm ends here
--
2.49.0
Roman Scherer wrote on 9 Apr 10:26 -0700
[PATCH v3 3/3] gnu: speakersafetyd: Add log file.
(address . 77383@debbugs.gnu.org)(name . Roman Scherer)(address . roman@burningswell.com)
d2c379f0d5dc05670e617ec3094bc0f4afa83651.1744217514.git.roman@burningswell.com
* gnu/services/sound.scm (speakersafetyd): Add log file.

Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
---
doc/guix.texi | 3 +++
gnu/services/sound.scm | 6 +++++-
2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 6acbf1ba55..60a82081d4 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -27270,6 +27270,9 @@ Sound Services
@item @code{group} (default: @code{"speakersafetyd"}) (type: string)
The group to run the Speaker Safety Daemon as.
+@item @code{log-file} (default: @code{"/var/log/speakersafetyd.log"}) (type: string)
+The file name to the Speaker Safety Daemon log file.
+
@item @code{maximum-gain-reduction} (default: @code{7}) (type: integer)
Maximum gain reduction before panicking, useful for debugging.
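
Review bot: "The file name to the Speaker Safety Daemon log file." in the new @item reads awkwardly; "The file name of the Speaker Safety Daemon log file." would be cleaner, and the log-file docstring in gnu/services/sound.scm should get the same wording. The commit message lists only gnu/services/sound.scm, so the doc/guix.texi change is missing from the ChangeLog entry.
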
diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
index 0558d4fce8..23f92f6bee 100644
--- a/gnu/services/sound.scm
+++ b/gnu/services/sound.scm
@@ -293,6 +293,9 @@ (define-configuration/no-serialization speakersafetyd-configuration
(group
(string "speakersafetyd")
"The group to run the Speaker Safety Daemon as.")
+ (log-file
+ (string "/var/log/speakersafetyd.log")
+ "The file name to the Speaker Safety Daemon log file.")
(maximum-gain-reduction
(integer 7)
"Maximum gain reduction before panicking, useful for debugging.")
@@ -332,7 +335,7 @@ (define speakersafetyd-activation
(define speakersafetyd-shepherd-service
(match-record-lambda <speakersafetyd-configuration>
- ( blackbox-directory configuration-directory group
+ ( blackbox-directory configuration-directory group log-file
maximum-gain-reduction speakersafetyd user)
(shepherd-service
(documentation "Run the speaker safety daemon")
@@ -344,6 +347,7 @@ (define speakersafetyd-shepherd-service
"--blackbox-path" #$blackbox-directory
"--max-reduction" (number->string #$maximum-gain-reduction))
#:group #$group
+ #:log-file #$log-file
#:supplementary-groups '("audio")
#:user #$user))
(stop #~(make-kill-destructor)))))
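
Review bot: the new #:log-file argument is the only log-related change to the service, and nothing in this patch creates the file or sets its owner and mode, whereas patch 2/3 is careful to create the blackbox directory as #o700 for the unprivileged user. Please state in the log-file field description (or in a comment here) who creates and writes /var/log/speakersafetyd.log and with what permissions. Separately, the Change-Id in this commit message is identical to the one on patch 2/3.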
--
2.49.0
Roman Scherer wrote on 9 Apr 10:30 -0700
Re: [bug#77383] [PATCH v2 3/3] gnu: speakersafetyd: Add log file.
(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)
86plhldyzp.fsf@burningswell.com
Hi Maxim,

I just sent a v3 of the patch series.

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi,
>
> Roman Scherer <roman@burningswell.com> writes:
>
>> * gnu/services/sound.scm (speakersafetyd): Add log file.
>> * doc/guix.texi: Document log-file field.
>>
>> Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
>> ---
>> doc/guix.texi | 3 +++
>> gnu/services/sound.scm | 10 +++++++---
>> 2 files changed, 10 insertions(+), 3 deletions(-)
>>
>> diff --git a/doc/guix.texi b/doc/guix.texi
>> index a0f2a83c36..9a6084e994 100644
>> --- a/doc/guix.texi
>> +++ b/doc/guix.texi
>> @@ -27271,6 +27271,9 @@ Sound Services
>> @item @code{group} (default: @code{"speakersafetyd"}) (type: string)
>> The group to run the Speaker Safety Daemon as.
>>
>> +@item @code{log-file} (default: @code{"/var/log/speakersafetyd.log"}) (type: string)
>> +The path to the Speaker Safety Daemon log file.
>> +
>> @item @code{maximum-gain-reduction} (default: @code{7}) (type: integer)
>> Maximum gain reduction before panicking, useful for debugging.
>>
>> diff --git a/gnu/services/sound.scm b/gnu/services/sound.scm
>> index e5c26e2495..39b5d043a3 100644
>> --- a/gnu/services/sound.scm
>> +++ b/gnu/services/sound.scm
>> @@ -293,6 +293,9 @@ (define-configuration/no-serialization speakersafetyd-configuration
>> (group
>> (string "speakersafetyd")
>> "The group to run the Speaker Safety Daemon as.")
>> + (log-file
>> + (string "/var/log/speakersafetyd.log")
>> + "The path to the Speaker Safety Daemon log file.")
>
> The convention in GNU is to use 'path' only for search paths; the
> preferred term for file names is 'file name'.
>

I changed it.

>> (maximum-gain-reduction
>> (integer 7)
>> "Maximum gain reduction before panicking, useful for debugging.")
>> @@ -305,7 +308,7 @@ (define-configuration/no-serialization speakersafetyd-configuration
>>
>> (define speakersafetyd-accounts
>> (match-record-lambda <speakersafetyd-configuration>
>> - ( blackbox-directory configuration-directory group
>> + ( blackbox-directory configuration-directory group log-file
>> maximum-gain-reduction speakersafetyd user)
>> (list (user-group
>> (name group)
>> @@ -320,7 +323,7 @@ (define speakersafetyd-accounts
>>
>> (define speakersafetyd-activation
>> (match-record-lambda <speakersafetyd-configuration>
>> - ( blackbox-directory configuration-directory group
>> + ( blackbox-directory configuration-directory group log-file
>> maximum-gain-reduction speakersafetyd user)
>> (with-imported-modules (source-module-closure '((gnu build activation)))
>> #~(begin
>> @@ -334,7 +337,7 @@ (define speakersafetyd-activation
>>
>> (define speakersafetyd-shepherd-service
>> (match-record-lambda <speakersafetyd-configuration>
>> - ( blackbox-directory configuration-directory group
>> + ( blackbox-directory configuration-directory group log-file
>> maximum-gain-reduction speakersafetyd user)
>
> As mentioned earlier, make sure to expose only the fields needed in the
> above match-record-lambda forms.
>

Nice! I somehow thought I had to list all of them, and even in the right
order :)

>> (shepherd-service
>> (documentation "Run the speaker safety daemon")
>> @@ -346,6 +349,7 @@ (define speakersafetyd-shepherd-service
>> "--blackbox-path" #$blackbox-directory
>> "--max-reduction" (number->string #$maximum-gain-reduction))
>> #:group #$group
>> + #:log-file #$log-file
>> #:supplementary-groups '("audio")
>> #:user #$user))
>> (stop #~(make-kill-destructor)))))
>
> Otherwise, LGTM!
>
> Could you send a hopefully final v3?

Thanks for your review. Could you have another look?

Roman.

Roman Scherer wrote on 9 Apr 10:31 -0700
Re: [bug#77383] [PATCH v2 2/3] gnu: speakersafetyd: Run as unprivileged user.
(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)
86jz7tdyxx.fsf@burningswell.com
References: <92c75e4d057966fdf586b34e34d8b43a7361e006.1743695029.git.roman@burningswell.com>
<2788a4ea937715053ca7210a52ed0be3976fd0b6.1743695029.git.roman@burningswell.com>
<87h62zz9hs.fsf@gmail.com>
User-Agent: mu4e 1.12.9; emacs 29.4
Date: Wed, 09 Apr 2025 19:31:06 +0200

Hi Maxim,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi,
>
> Roman Scherer <roman@burningswell.com> writes:
>
>> * gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.
>> * doc/guix.texi: Document user and group fields.
>>
>> Change-Id: I870bc7bfd69249da3a9c981f627e751395386bd2
>
> [...]
>
>> +(define speakersafetyd-accounts
>> + (match-record-lambda <speakersafetyd-configuration>
>> + ( blackbox-directory configuration-directory group
>> + maximum-gain-reduction speakersafetyd user)
>
> You don't need to list all the fields when using match-record, and I
> assume match-record-lambda as well. Here only `group' and `user'
> appears useful.
>
>> + (list (user-group
>> + (name group)
>> + (system? #t))
>> + (user-account
>> + (name user)
>> + (group group)
>> + (system? #t)
>> + (home-directory "/var/empty")
>> + (shell (file-append shadow "/sbin/nologin"))
>> + (supplementary-groups '("audio"))))))
>> +
>> +(define speakersafetyd-activation
>> + (match-record-lambda <speakersafetyd-configuration>
>> + ( blackbox-directory configuration-directory group
>> + maximum-gain-reduction speakersafetyd user)
>
> Likewise.
>
>> + (with-imported-modules (source-module-closure '((gnu build activation)))
>> + #~(begin
>> + (use-modules (gnu build activation))
>> + (let ((user (getpwnam #$user)))
>> + (mkdir-p/perms "/run/speakersafetyd" user #o755)
>> + (mkdir-p/perms "/var/lib/speakersafetyd" user #o755)
>> + ;; Blackbox files contain audio recordings and might be sensitive
>> + ;; information
>> + (mkdir-p/perms #$blackbox-directory user #o700))))))
>>
>> (define speakersafetyd-shepherd-service
>> (match-record-lambda <speakersafetyd-configuration>
>> - (blackbox-directory configuration-directory maximum-gain-reduction speakersafetyd)
>> + ( blackbox-directory configuration-directory group
>> + maximum-gain-reduction speakersafetyd user)
>> (shepherd-service
>> (documentation "Run the speaker safety daemon")
>> (provision '(speakersafetyd))
>> @@ -306,7 +344,10 @@ (define speakersafetyd-shepherd-service
>> (list #$(file-append speakersafetyd "/bin/speakersafetyd")
>> "--config-path" #$configuration-directory
>> "--blackbox-path" #$blackbox-directory
>> - "--max-reduction" (number->string #$maximum-gain-reduction))))
>> + "--max-reduction" (number->string #$maximum-gain-reduction))
>> + #:group #$group
>> + #:supplementary-groups '("audio")
>> + #:user #$user))
>> (stop #~(make-kill-destructor)))))
>
> Note for a future improvement: we also have a least-authority-wrapper
> defined in (guix least-authority) that can wrap a binary to have it run
> in a Linux container, to further sandbox the process.

Interesting. Didn't know that module. I will take a look.

Maxim Cournoyer wrote on 13 Apr 23:47 -0700
Re: [bug#77383] [PATCH v3 2/3] gnu: speakersafetyd: Run as unprivileged user.
(name . Roman Scherer)(address . roman@burningswell.com)
87cydfutn3.fsf@gmail.com
Hi Roman,

Roman Scherer <roman@burningswell.com> writes:

> * gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.

I've pushed this series, expounding the GNU ChangeLog commit messages
for completeness. See 01a66639efe and the subsequent commit for the
commit message additions. In Magit (emacs-magit), pressing 'C' in each
hunk symbol/thing to document helps automate some of it.

--
Thanks,
Maxim
Closed
Roman Scherer wrote on 14 Apr 00:30 -0700
(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)
878qo3ci8h.fsf@burningswell.com
References: <58e6296eb44b3e82e5d6367ae85b681463a38613.1744217514.git.roman@burningswell.com>
<140f135aa4f94ad69765f7c2a7b38684342ca382.1744217514.git.roman@burningswell.com>
<87cydfutn3.fsf@gmail.com>
User-Agent: mu4e 1.12.9; emacs 29.4
Date: Mon, 14 Apr 2025 09:30:54 +0200

Hi Maxim,

thanks for your help on this. I will give your magit suggestion a try next
time. I didn't know about that trick.

Thanks, Roman.

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi Roman,
>
> Roman Scherer <roman@burningswell.com> writes:
>
>> * gnu/services/sound.scm (speakersafetyd): Run as unprivileged user.
>
> I've pushed this series, expounding the GNU ChangeLog commit messages
> for completeness. See 01a66639efe and the subsequent commit for the
> commit message additions. In Magit (emacs-magit), pressing 'C' in each
> hunk symbol/thing to document helps automate some of it.

Closed