The manual [1] starts by saying:
"When shepherd gets started, it reads and evaluates a configuration file." That config is full-featured, seemingly unrestricted, lisp file. While I saw some mentions of handling syntax errors on the mailing list, I saw no mentions of what happens if there is an infinite loop or if a script just reads a huge files and OOM's the process.
Now, one could imagine that maybe configs are parsed in a separate process, and then serialized and shipped to the main process for safe execution. But it does not seem to be the case -- the manual explicitly says you can use any Guile code to start processes, not just a safe subset.
Another option is that maybe there is a thread or a forked process for parsing config. But this does not seem to be the case either -- the manual does not mention that, and searching of the source code for "fork" or "thread" or "timeout" does not seem to indicate anything related.
The only mention of timeness expectation seem to be a single sentence "Actions are expected to be non-blocking." in one of the mailing lists [2].
So together, it seems to me that any bad script will just cause the daemon, and by extension the whole system, to not start.
Now, one could imagine that maybe configs are parsed in a separate process, and then serialized and shipped to the main process for safe execution. But it does not seem to be the case -- the manual explicitly says you can use any Guile code to start processes, not just a safe subset.
Another option is that maybe there is a thread or a forked process for parsing config. But this does not seem to be the case either -- the manual does not mention that, and searching of the source code for "fork" or "thread" or "timeout" does not seem to indicate anything related.
The only mention of timeness expectation seem to be a single sentence "Actions are expected to be non-blocking." in one of the mailing lists [2].
So together, it seems to me that any bad script will just cause the daemon, and by extension the whole system, to not start.
[1] "https://www.gnu.org/software/shepherd/manual/shepherd.html#S...
[2] http://lists.gnu.org/archive/html/guix-devel/2016-11/msg0094...