From 8b9cad01e9619f53dc5a65892ca6a09ca5de3447 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sun, 16 Feb 2020 23:28:54 +0100 Subject: [PATCH] services: shepherd: Spawn services with nothing but the PATH variable. Previously, services spawned with 'make-forkexec-constructor' & co. would all inherit the environment variables of PID 1, which includes things like 'BOOT_IMAGE'. This change resets it to the bare minimum. * gnu/services/shepherd.scm (shepherd-configuration-file): Add call to 'default-environment-variables'. Remove 'setenv' call. --- gnu/services/shepherd.scm | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/gnu/services/shepherd.scm b/gnu/services/shepherd.scm index 08bb33039c..d483ff1a15 100644 --- a/gnu/services/shepherd.scm +++ b/gnu/services/shepherd.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015, 2016, 2018, 2019 Ludovic Courtès +;;; Copyright © 2013, 2014, 2015, 2016, 2018, 2019, 2020 Ludovic Courtès ;;; Copyright © 2017 Clément Lassieur ;;; Copyright © 2018 Carlo Zancanaro ;;; @@ -281,6 +281,12 @@ (define config (use-modules (srfi srfi-34) (system repl error-handling)) + ;; Specify the default environment visible to all the services. + ;; Without this statement, all the environment variables of PID 1 + ;; are inherited by child services. + (default-environment-variables + '("PATH=/run/current-system/profile/bin")) + ;; Arrange to spawn a REPL if something goes wrong. This is better ;; than a kernel panic. (call-with-error-handling @@ -288,10 +294,6 @@ (define config (apply register-services (map load-compiled '#$(map scm->go files))))) - ;; guix-daemon 0.6 aborts if 'PATH' is undefined, so work around - ;; it. - (setenv "PATH" "/run/current-system/profile/bin") - (format #t "starting services...~%") (for-each (lambda (service) ;; In the Shepherd 0.3 the 'start' method can raise