diff options
author | Ludovic Courtès <ludo@gnu.org> | 2021-08-12 12:28:26 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2021-08-12 12:34:13 +0200 |
commit | 8b9a5641bc1b6acb62e0e0467ee03cefde2d1757 (patch) | |
tree | 9ad4715af8b797ed9a9f9d33628279b494803222 /gnu/system | |
parent | 2826f488e4d492424294012b15f6914ade0ddd36 (diff) | |
download | guix-8b9a5641bc1b6acb62e0e0467ee03cefde2d1757.tar.gz guix-8b9a5641bc1b6acb62e0e0467ee03cefde2d1757.zip |
system: install, hurd: Use 'setuid-programs'.
This is a followup to a7ac19851baab3fbcc40c4b2cf5b00a6ac9cd2f3.
* gnu/system/install.scm (installation-os)[setuid-programs]: Use
'setuid-program'.
* gnu/system/hurd.scm (%setuid-programs/hurd): Use 'file-like->setuid-program'.
Diffstat (limited to 'gnu/system')
-rw-r--r-- | gnu/system/hurd.scm | 20 | ||||
-rw-r--r-- | gnu/system/install.scm | 4 |
2 files changed, 14 insertions, 10 deletions
diff --git a/gnu/system/hurd.scm b/gnu/system/hurd.scm index 8f3a27834b..95e511196a 100644 --- a/gnu/system/hurd.scm +++ b/gnu/system/hurd.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2020 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2020, 2021 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org> ;;; ;;; This file is part of GNU Guix. @@ -39,6 +39,7 @@ #:use-module (gnu services hurd) #:use-module (gnu services shepherd) #:use-module (gnu system) + #:use-module (gnu system setuid) #:use-module (gnu system shadow) #:use-module (gnu system vm) #:export (%base-packages/hurd @@ -92,14 +93,15 @@ (define %setuid-programs/hurd ;; Default set of setuid-root programs. - (list (file-append shadow "/bin/passwd") - (file-append shadow "/bin/sg") - (file-append shadow "/bin/su") - (file-append shadow "/bin/newgrp") - (file-append shadow "/bin/newuidmap") - (file-append shadow "/bin/newgidmap") - (file-append sudo "/bin/sudo") - (file-append sudo "/bin/sudoedit"))) + (map file-like->setuid-program + (list (file-append shadow "/bin/passwd") + (file-append shadow "/bin/sg") + (file-append shadow "/bin/su") + (file-append shadow "/bin/newgrp") + (file-append shadow "/bin/newuidmap") + (file-append shadow "/bin/newgidmap") + (file-append sudo "/bin/sudo") + (file-append sudo "/bin/sudoedit")))) (define %hurd-default-operating-system (operating-system diff --git a/gnu/system/install.scm b/gnu/system/install.scm index 7fa5c15324..87da89e3fb 100644 --- a/gnu/system/install.scm +++ b/gnu/system/install.scm @@ -25,6 +25,7 @@ (define-module (gnu system install) #:use-module (gnu) #:use-module (gnu system) + #:use-module (gnu system setuid) #:use-module (gnu bootloader u-boot) #:use-module (guix gexp) #:use-module (guix store) @@ -502,7 +503,8 @@ Access documentation at any time by pressing Alt-F2.\x1b[0m ;; We don't need setuid programs, except for 'passwd', which can be handy ;; if one is to allow remote SSH login to the machine being installed. - (setuid-programs (list (file-append shadow "/bin/passwd"))) + (setuid-programs (list (setuid-program + (program (file-append shadow "/bin/passwd"))))) (pam-services ;; Explicitly allow for empty passwords. |