aboutsummaryrefslogtreecommitdiff
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;; Copyright © 2022 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu system setuid)
  #:use-module (gnu system privilege)
  #:use-module (ice-9 match)
  #:use-module (srfi srfi-1)
  #:re-export (file-like->setuid-program)
  #:export (setuid-program
            setuid-program?
            setuid-program-program
            setuid-program-setuid?
            setuid-program-setgid?
            setuid-program-user
            setuid-program-group))

;;; Commentary:
;;;
;;; Do not use this module in new code.  It used to define data structures
;;; representing setuid/setgid programs, but is now a mere compatibility shim
;;; wrapping a subset of (gnu system privilege).
;;;
;;; Code:

(define-syntax setuid-program
  (lambda (fields)
    (syntax-case fields ()
      ((_ (field value) ...)
       #`(privileged-program
          (setuid? (match (assoc-ref '((field value) ...) 'setuid?)
                     ((#f) #f)
                     (_ #t)))
          #,@(remove (match-lambda ((f _) (eq? (syntax->datum f) 'setuid?)))
                     #'((field value) ...)))))))

(define setuid-program?        privileged-program?)
(define setuid-program-program privileged-program-program)
(define setuid-program-setuid? privileged-program-setuid?)
(define setuid-program-setgid? privileged-program-setgid?)
(define setuid-program-user    privileged-program-user)
(define setuid-program-group   privileged-program-group)
generated by cgit
ql package major version changes, this is going to break the service upon upgrade, because PostgreSQL will reject the data files from the differing major version of the service. Because it's important to either keep running a particular major version, or intentionally upgrade, I think the configuration would be better with no default. I think this is also going to be helpful when trying to assist users upgrading PostgreSQL. * gnu/services/databases.scm (<postgresql-configuration>): Remove default for postgresql. (postgresql-service-type): Remove the default value. * gnu/tests/databases.scm (%postgresql-os): Update accordingly. * gnu/tests/guix.scm (%guix-data-service-os): Update accordingly. * gnu/tests/monitoring.scm (%zabbix-os): Update accordingly. * gnu/tests/web.scm (patchwork-os): Update accordingly. * doc/guix.texi (PostgreSQL): Update accordingly. Christopher Baines 2020-10-20tests: monitoring: Use (service postgresql-service-type)....As I'm looking at removing the procedure, in favour of always using the service type. * gnu/tests/monitoring.scm (%zabbix-os): Use (service postgresql-service-type) rather than (postgresql-service). Christopher Baines 2020-07-15tests: zabbix: Fix typo in comment....* gnu/tests/monitoring.scm (run-zabbix-server-test)[test]: Fix typo in comment. Oleg Pykhalov 2020-03-09tests: zabbix: Set 'PATH' before running the scripts....This is a followup to 8b9cad01e9619f53dc5a65892ca6a09ca5de3447. * gnu/tests/monitoring.scm (run-zabbix-server-test)[test]: Set 'PATH' in MARIONETTE. Ludovic Courtès 2019-01-01gnu: php-with-bcmath: Deprecate in favour of 'php'....This is a follow-up to 4629d26755aa06344fb8f515fb0202776e70c429. * gnu/packages/php.scm (php-with-bcmath): Deprecate in favour of 'php'. * gnu/tests/monitoring.scm (%zabbix-os): Use this. Oleg Pykhalov 2018-12-17services: monitoring: Add 'zabbix-front-end'....* gnu/services/monitoring.scm (nginx-server-configuration-list?, serialize-nginx-server-configuration-list, zabbix-front-end-configuration, zabbix-front-end-config, zabbix-front-end-activation, generate-zabbix-front-end-documentation): New procedures. (%zabbix-front-end-configuration-nginx, %maintenance.inc.php, zabbix-front-end-service-type): New variables. * doc/guix.texi (Monitoring Services): Document this. Oleg Pykhalov 2018-12-17services: monitoring: Add 'zabbix-agent'....* gnu/services/monitoring.scm (zabbix-server-service-type, zabbix-agent-account, zabbix-agent-activation, zabbix-agent-config-file, zabbix-agent-shepherd-service, generate-zabbix-agent-documentation): New procedures. (zabbix-agent-service-type): New 'service-type'. * gnu/tests/monitoring.scm (run-zabbix-server-test): Test 'zabbix-agent'. (%zabbix-os): Add 'zabbix-agent' service. * doc/guix.texi (Monitoring Services): Document 'zabbix-agent'. Oleg Pykhalov 2018-12-17services: monitoring: Add 'zabbix-server'....* gnu/services/monitoring.scm (uglify-field-name, serialize-field, serialize-number, serialize-list, serialize-string, group?, serialize-group, include-files?, serialize-include-files, zabbix-server-account, zabbix-server-config-file, zabbix-server-activation, zabbix-server-shepherd-service, generate-zabbix-server-documentation, extra-options, serialize-extra-options): New procedures. (zabbix-server-service-type): New variable. * gnu/tests/monitoring.scm (%psql-user-create-zabbix, %psql-db-zabbix-create-script, %psql-db-create-zabbix, %psql-db-import-zabbix, %zabbix-os, %test-zabbix): New variables. (run-zabbix-server-test): New procedure. * doc/guix.texi (Monitoring Services): Document 'zabbix-server'. squash! services: monitoring: Add 'zabbix-server'. Oleg Pykhalov 2018-10-18services: dhcp-client: Deprecate 'dhcp-client-service' procedure....* gnu/services/networking.scm (dhcp-client-service-type): Add default value. * gnu/system/examples/bare-bones.tmpl: Use (service dhcp-client-service-type) instead of (dhcp-client-service). * gnu/system/examples/beaglebone-black.tmpl: Likewise. * gnu/tests/base.scm (%avahi-os): Likewise. * gnu/tests/databases.scm (%memcached-os): Likewise. (%mongodb-os): Likewise. * gnu/tests/dict.scm (%dicod-os): Likewise. * gnu/tests/mail.scm (%opensmtpd-os): Likewise. (%exim-os): Likewise. (%dovecot-os): Likewise. * gnu/tests/messaging.scm (run-xmpp-test): Likewise. (run-bitlbee-test): Likewise. * gnu/tests/monitoring.scm (%prometheus-node-exporter-os): Likewise. * gnu/tests/networking.scm (%inetd-os): Likewise. (run-iptables-test): Likewise. * gnu/tests/nfs.scm (%base-os): Likewise. * gnu/tests/rsync.scm (%rsync-os): Likewise. * gnu/tests/ssh.scm (run-ssh-test): Likewise. * gnu/tests/version-control.scm (%cgit-os): Likewise. (%git-http-os): Likewise. (%gitolite-os): Likewise. * gnu/tests/virtualization.scm (%libvirt-os): Likewise. * gnu/tests/web.scm (%httpd-os): Likewise. (%nginx-os): Likewise. (%varnish-os): Likewise. (%php-fpm-os): Likewise. (%hpcguix-web-os): Likewise. (%tailon-os): Likewise. * tests/guix-system.sh: Likewise. * doc/guix.texi (Networking Services): Document 'dhcp-client-service-type' and remove 'dhcp-client-service'. Ludovic Courtès