author: Ingar <ingar@onionmail.info> 2025-08-26 21:12:57 +0200
committer: Ludovic Courtès <ludo@gnu.org> 2025-08-29 17:43:35 +0200
commit: d2c71bfd72fb54121d76de0ca38af967e6d71740
tree: cc2f6bfd35aba7dcaf86f8f261e118269872a019
parent: bf4bb5760a22b9b70e9aed873950721a4be4dbda
etc: guix-daemon.service.in: Mitigate mount race condition
This mitigates a race condition described in #576. The 'Type=exec' option ensures that systemd only starts follow-up units after the guix-daemon binary has started. By then, the mount points are collected in a private namespace and will not be affected. Without this option, 'gnu-store.mount' could win the race and remount everything read-only before guix-daemon has acquired a read-write view.

Fixes #2270

* etc/guix-daemon.service.in: Mitigate mount race condition

Change-Id: I5d28ebc38b0c10e6d2aa8e65353757ef13d5bad3
Signed-off-by: Ludovic Courtès <ludo@gnu.org>

-rw-r--r-- etc/guix-daemon.service.in 4
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/guix-daemon.service.in b/etc/guix-daemon.service.in
index 6e534771c68..88929fa904e 100644
--- a/etc/guix-daemon.service.in
+++ b/etc/guix-daemon.service.in
@@ -24,6 +24,10 @@ BindPaths=@storedir@
# Disable host file system mount propagation to keep service view of the
# store read-write after 'gnu-store.mount' makes it read-only system-wide.
MountFlags=private
+# Mitigate race condition between guix-daemon and 'gnu-store.mount'.
+# Dependent units will only start after daemon binary is started AND THUS
+# the mount point is acquired in a private namespace.
+Type=exec
# Provide the CAP_CHOWN capability so that guix-daemon can create and chown
# /var/guix/profiles/per-user/$USER and also chown failed build directories
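Review bot: The comment added above Type=exec says dependent units start only once the daemon binary has started, but it does not say which ordering this relies on. Type=exec only delays units that are ordered after this one, so the comment should state that 'gnu-store.mount' is expected to be ordered after guix-daemon.service and where that ordering is declared; otherwise a later edit to either unit can reopen the race without anyone touching this line. The comment also calls this a mitigation, so a short phrase on what window remains would tell the reader why it is not described as a fix. Minor style point: 'AND THUS' in capitals is emphasis the sentence does not need; lowercase reads fine.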