aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-02-16 23:28:54 +0100
committerLudovic Courtès <ludo@gnu.org>2020-02-16 23:31:08 +0100
commit8b9cad01e9619f53dc5a65892ca6a09ca5de3447 (patch)
tree2a3fa484827f57c70e16bb00d01fcae59b5811d7
parent139a9887843d0ea7dd724c4dd0d00470337370b3 (diff)
downloadguix-8b9cad01e9619f53dc5a65892ca6a09ca5de3447.tar
guix-8b9cad01e9619f53dc5a65892ca6a09ca5de3447.tar.gz
services: shepherd: Spawn services with nothing but the PATH variable.
Previously, services spawned with 'make-forkexec-constructor' & co. would all inherit the environment variables of PID 1, which includes things like 'BOOT_IMAGE'. This change resets it to the bare minimum. * gnu/services/shepherd.scm (shepherd-configuration-file): Add call to 'default-environment-variables'. Remove 'setenv' call.
-rw-r--r--gnu/services/shepherd.scm12
1 files changed, 7 insertions, 5 deletions
diff --git a/gnu/services/shepherd.scm b/gnu/services/shepherd.scm
index 08bb33039c..d483ff1a15 100644
--- a/gnu/services/shepherd.scm
+++ b/gnu/services/shepherd.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015, 2016, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015, 2016, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2018 Carlo Zancanaro <carlo@zancanaro.id.au>
;;;
@@ -281,6 +281,12 @@ and return the resulting '.go' file."
(use-modules (srfi srfi-34)
(system repl error-handling))
+ ;; Specify the default environment visible to all the services.
+ ;; Without this statement, all the environment variables of PID 1
+ ;; are inherited by child services.
+ (default-environment-variables
+ '("PATH=/run/current-system/profile/bin"))
+
;; Arrange to spawn a REPL if something goes wrong. This is better
;; than a kernel panic.
(call-with-error-handling
@@ -288,10 +294,6 @@ and return the resulting '.go' file."
(apply register-services
(map load-compiled '#$(map scm->go files)))))
- ;; guix-daemon 0.6 aborts if 'PATH' is undefined, so work around
- ;; it.
- (setenv "PATH" "/run/current-system/profile/bin")
-
(format #t "starting services...~%")
(for-each (lambda (service)
;; In the Shepherd 0.3 the 'start' method can raise