aboutsummaryrefslogtreecommitdiff
path: root/gnu/build/activation.scm
AgeCommit message (Collapse)Author
2024-08-11privilege: Add POSIX capabilities(7) support.Tobias Geerinckx-Rice
* gnu/system/privilege.scm (<privileged-program>): Add a field representing the program's POSIX capabilities. (privileged-program-capabilities): New public procedure. * doc/guix.texi (Privileged Programs): Document it. * gnu/build/activation.scm (activate-privileged-programs): Take a LIBCAP package argument providing setcap(8) to apply said capabilities. * gnu/services.scm (privileged-program->activation-gexp): Pass said package argument where supported. Include privileged-program-capabilities in the compatibility hack.
2024-08-11build: Rename activate-setuid-programs.Tobias Geerinckx-Rice
* gnu/build/activation.scm (activate-setuid-programs): Rename this… (activate-privileged-programs): …to this. Operate on a list of <privileged-program> records. * gnu/services.scm (setuid-program->activation-gexp): Adjust caller.
2024-08-11services: setuid-program: Populate /run/privileged/bin.Tobias Geerinckx-Rice
Create /run/setuid-programs compatibility symlinks so that we can migrate all users (both package and human) piecemeal at our leisure. Apart from being symlinks, this should be a user-invisible change. * gnu/build/activation.scm (%privileged-program-directory): New variable. [activate-setuid-programs]: Put privileged copies in %PRIVILEGED-PROGRAM-DIRECTORY, with compatibility symlinks to each in %SETUID-DIRECTORY. * gnu/services.scm (setuid-program-service-type): Update docstring. * doc/guix.texi (Setuid Programs): Update @file{} name accordingly.
2024-02-19services: activation: Ensure /run existence.Nicolas Graves
* gnu/build/activation.scm (activation-script): Ensure /var/run existence. * gnu/build/install.scm (evaluate-populate-directive) [directives]: Remove directory /run. Change-Id: I19ca8e7605c0cff598ab89077a94e20390ba27b0 Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2023-08-20Revert "gnu: system: Add home-directory-permissions field to <user-account>."Tobias Geerinckx-Rice
This reverts commit e9a5eebc785cb843034b38c5c5a6dd10904bdf2a, which as far as I can tell breaks system roll-backs thusly: [...] In gnu/build/accounts.scm: 239:27 3 (_ #<<password-entry> name: "root" password: "x" uid: 0 gid: 0 real-name: "System >) In unknown file: 2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #<undefined>) In ice-9/boot-9.scm: 1685:16 1 (raise-exception _ #:continuable? _) 1685:16 0 (raise-exception _ #:continuable? _) ice-9/boot-9.scm:1685:16: In procedure raise-exception: In procedure string-append: Wrong type (expecting string): #t
2023-08-25gnu: system: Add home-directory-permissions field to <user-account>.David Thompson
* gnu/system/accounts.scm (<user-account>)[home-directory-permissions]: New field. (user-account-home-directory-permissions): New accessor. * gnu/build/activation.scm (activate-users+groups): Use home directory permission bits from the user account object. * doc/guix.texi (User Accounts): Document new field. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
2022-12-17activation: Firmware activation handles missing support in kernel.Marius Bakke
* gnu/build/activation.scm (activate-firmware): Check if firmware loading is enabled before attempting to use it.
2022-03-01initrd: Use non-hyphenated kernel command-line parameter names.Maxim Cournoyer
This is to make it less surprising, given the common convention sets forth by the kernel Linux command-line parameters. * gnu/build/linux-boot.scm (boot-system): Rename '--load', '--repl', '--root' and '--system' to 'gnu.load', 'gnu.repl', 'root' and 'gnu.system', respectively. Adjust doc. (find-long-option): Adjust doc. * gnu/installer/parted.scm (installer-root-partition-path): Adjust accordingly. * gnu/system.scm (bootable-kernel-arguments): Add a VERSION argument and update doc. Use VERSION to conditionally return old style vs new style initrd arguments. (%boot-parameters-version): Increment to 1. (operating-system-boot-parameters): Adjust doc. (operating-system-boot-parameters-file): Likewise. * gnu/system/linux-initrd.scm (raw-initrd, base-initrd): Likewise. * doc/guix.texi: Adjust doc. * gnu/build/activation.scm (boot-time-system): Adjust accordingly. * gnu/build/hurd-boot.scm (boot-hurd-system): Likewise. * gnu/packages/commencement.scm (%final-inputs-riscv64): Adjust comment.
2021-07-29services: setuid: More configurable setuid support.Chris Lemmer-Webber
New record <setuid-program> with fields for setting the specific user and group, as well as specifically selecting the setuid and setgid bits, for a program within the setuid-program-service. * gnu/services.scm (setuid-program-file-like-deprecated): New function. (setuid-program-service-type): Make use of setuid-program->activation-gexp. Adjust the extend property to handle <setuid-program>. * gnu/build/activation.scm (activate-setuid-programs): Update to expect a <setuid-record> list for each program entry. * gnu/system.scm: (operating-system-setuid-programs): Renamed to %operating-system-setuid-programs and replace it with new procedure. (operating-system-default-essential-services, hurd-default-essential-services): Replace operating-system-setuid-programs with %operating-system-setuid-programs. * gnu/system/setuid.scm: New file. * doc/guix.texi (Setuid Programs): Document <setuid-program>. Co-authored-by: Brice Waegeneire <brice@waegenei.re>
2021-04-03activation: Do not dereference symlinks during home directory creation.Maxime Devos
Fixes <https://bugs.gnu.org/47584>. * gnu/build/activation.scm (copy-account-skeletons): Do not chown the home directory; leave this to 'activate-user-home'. (activate-user-home): Only chown the home directory after the account skeletons have been copied. Co-authored-by: Ludovic Courtès <ludo@gnu.org>.
2021-03-10services: Prevent following symlinks during activation.Maxime Devos
This addresses a potential security issue, where a compromised service could trick the activation code in changing the permissions, owner and group of arbitrary files. However, this patch is currently only a partial fix, due to a TOCTTOU (time-of-check to time-of-use) race, which can be fixed once guile has bindings to openat and friends. Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html> * gnu/build/activation.scm: new procedure 'mkdir-p/perms'. * gnu/services/authentication.scm (%nslcd-activation, nslcd-service-type): use new procedure. * gnu/services/cups.scm (%cups-activation): likewise. * gnu/services/dbus.scm (dbus-activation): likewise. * gnu/services/dns.scm (knot-activation): likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-02-09activation: Do not make setuid programs setgid-root [security].Ludovic Courtès
Fixes <https://bugs.gnu.org/46395>. Reported by Duncan Overbruck <mail@duncano.de>. * gnu/build/activation.scm (activate-setuid-programs): Change TARGET mode to not be setgid.
2020-06-09activation: Fix function call for system activationRoyce Strange
* gnu/build/activation.scm (boot-time-system): Evaluate the linux-command-line thunk for linux systems to boot Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2020-06-08system: Support activation service for the Hurd.Jan (janneke) Nieuwenhuizen
* gnu/build/activation.scm (boot-time-system): Use "command-line" for the Hurd. * gnu/system.scm (hurd-default-essential-services): Add %boot-service and %activation-service.
2020-01-06activation: Check whether /proc/sys/kernel/modprobe exists.kanichos@yandex.ru
* gnu/build/activation.scm (activate-modprobe): Check whether /proc/sys/kernel/modprobe exists before writing to it. Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2020-01-02activation: Keep going when failing to create one of the setuid programs.Ludovic Courtès
Fixes <https://bugs.gnu.org/38800>. Reported by Jakub Kądziołka <kuba@kadziolka.net>. * gnu/build/activation.scm (activate-setuid-programs): Catch 'system-error' around 'make-setuid-program' calls.
2019-06-05activation: Lock /etc/.pwd.lock before accessing databases.Ludovic Courtès
Suggested by Florian Pelz <pelzflorian@pelzflorian.de> in <http://bugs.gnu.org/35996>. * gnu/build/accounts.scm (%password-lock-file): New variable. * gnu/build/activation.scm (activate-users+groups): Wrap calls to 'user+group-databases', 'write-group', etc. into 'with-file-lock'.
2019-03-08activation: Shared system home directories are now 555 and root-owned.Ludovic Courtès
Fixes <https://bugs.gnu.org/34788>. Reported by Jack Hill <jackhill@jackhill.us>. Regression introduced by the combination of 8bb76f3d44c1f5ffec8011819494db306a51d801 and 0ae735bcc8ff7fdc89d67b492bdee9091ee19e86: /var/empty would be 700 and owned by one of the system accounts (thus inaccessible to others), and /var/run/dbus would be 700 as well, thereby preventing D-Bus clients from connecting to the daemon. * gnu/build/activation.scm (duplicates): New procedure. (activate-users+groups)[system-accounts]: New variable. Use it. Make shared system account home directories #o555 and root-owned. * gnu/services/dbus.scm (dbus-activation): Make /var/run/dbus #o755. * gnu/tests/base.scm (run-basic-test): Test the ownership and permissions of /var/empty.
2019-03-07activation: Build account databases with (gnu build accounts).Ludovic Courtès
* gnu/build/activation.scm (enumerate, current-users, current-groups) (add-group, add-user, modify-user, ensure-user): Remove. (activate-users+groups)[touch, activate-user]: Remove. [make-home-directory]: New procedure. Rewrite in terms of 'user+group-databases', 'write-group', etc. * gnu/build/install.scm (directives): Remove "/root". * gnu/system/shadow.scm (account-activation): Remove (setenv "PATH" ...) expression, which is now unneeded.
2019-03-07activation: Operate on <user-account> and <user-group> records.Ludovic Courtès
* gnu/system/accounts.scm (sexp->user-group, sexp->user-account): New procedures. * gnu/system/shadow.scm (account-activation): Call them in the arguments to 'activate-users+groups'. (account-shepherd-service): Likewise. * gnu/build/activation.scm (activate-users+groups): Expect a list of <user-account> and a list of <user-group>. Replace uses of 'match' on tuples with calls to record accessors. (activate-user-home): Likewise.
2019-03-04activation: Make home directories #o700 by default.Ludovic Courtès
Until now they'd be #o755, except for /root, which is treated specially in (gnu build install). * gnu/build/activation.scm (activate-user-home): Chmod HOME to #o700. Remove redundant 'unless system?'.
2018-11-18activation: Aways pass '-d HOME' to 'useradd'.Ludovic Courtès
Fixes <https://bugs.gnu.org/33422>. Reported by fps. * gnu/build/activation.scm (add-user): Always pass "-d HOME" when HOME is true. Pass "--create-home" only when HOME, CREATE-HOME?, and SYSTEM? are true. (activate-users+groups): Pass #:create-home? create-home? to 'ensure-user'. * gnu/tests/base.scm (run-basic-test)["accounts"]: Test 'passwd:dir' as well.
2018-03-27activation: Pass '-d HOME' to 'usermod'.Ludovic Courtès
Fixes a bug whereby changes to user home directories in the OS config would never be effective. Reported by Pierre Neidhardt <ambrevar@gmail.com>. * gnu/build/activation.scm (modify-user): Pass '-d HOME'.
2017-10-08activation: Do not create setuid binaries in the store [security fix].Ludovic Courtès
Fixes <https://bugs.gnu.org/28751>. * gnu/build/activation.scm (activate-setuid-programs)[link-or-copy]: Remove. Use 'copy-file' instead.
2017-08-03activation: Make sure /etc exists.Ludovic Courtès
Fixes <http://bugs.gnu.org/27146>. Reported by ng0 <ng0@pragmatique.xyz>. * gnu/build/activation.scm (activate-etc): Add call to 'mkdir-p'.
2017-05-30activation: Change permissions on /root to #o700.Ludovic Courtès
Reported by Alex Griffin <a@ajgrf.com>. Fixes <http://bugs.gnu.org/27135>. * gnu/build/activation.scm (add-user): When UID is zero, add 'chmod' call. * gnu/tests/base.scm (run-basic-test)["permissions on /root"]: New test.
2017-05-18services: user-homes: Do not create home directories marked as no-create.Ludovic Courtès
Fixes a bug whereby GuixSD would create the /nonexistent directory, from user 'nobody', even though it has 'create-home-directory?' set to #f. * gnu/build/activation.scm (activate-users+groups): Add comment for \#:create-home?. (activate-user-home)[ensure-user-home]: Skip when CREATE-HOME? is #f or SYSTEM? is #t. * gnu/tests/base.scm (run-basic-test)["no extra home directories"]: New tests.
2017-02-10Merge branch 'master' into core-updatesLudovic Courtès
2017-02-08services: Add 'special-files-service-type'.Ludovic Courtès
* gnu/build/activation.scm (activate-/bin/sh): Remove. (activate-special-files): New procedure. * gnu/services.scm (activation-script): Remove call to 'activate-/bin/sh'. (special-files-service-type): New variable. (extra-special-file): New procedure. * gnu/services/base.scm (%base-services): Add SPECIAL-FILES-SERVICE-TYPE instance. * gnu/tests/base.scm (run-basic-test)[special-files]: New variables. ["special files"]: New test.
2017-02-04activation: Set the right owner for home directories.Ludovic Courtès
This fixes a regression introduced in ae763b5b0b7d5e7316a3d0efe991fe8ab2261031 whereby home directories and skeletons would be root-owned. * gnu/build/activation.scm (copy-account-skeletons): Make 'directory' a keyword parameter. Add #:uid and #:gid and honor them. [set-owner]: New procedure. (activate-user-home): Add call to 'getpw' and 'chown'. Pass UID and GID to 'copy-account-skeletons'. * gnu/tests/base.scm (run-basic-test)["skeletons in home directories"]: Test file ownership under HOME.
2017-02-02Merge branch 'master' into core-updatesLeo Famulari
2017-02-01system: Create home directories once 'file-systems' is up.Ludovic Courtès
Fixes <http://bugs.gnu.org/21108>. Reported by Andy Patterson <ajpatter@uwaterloo.ca> and Leo Famulari <leo@famulari.name>. * gnu/build/activation.scm (activate-users+groups)[activate-user]: Pass #:create-home? #t iff CREATE-HOME? and SYSTEM?. (activate-user-home): New procedure. * gnu/system/shadow.scm (account-shepherd-service): New procedure. (account-service-type)[extensions]: Add SHEPHERD-ROOT-SERVICE-TYPE extension. * gnu/tests/base.scm (run-basic-test)["home"] ["skeletons in home directories"]: New tests. * gnu/tests/install.scm (%separate-home-os, %separate-home-os-source) (%test-separate-home-os): New variables.
2017-01-26utils: Add helper method to make files writable.Marius Bakke
* gnu/build/activation.scm (make-file-writable): Move this to ... * guix/build/utils.scm (make-file-writable): ... here. Export it. * guix/build/gnu-build-system.scm (strip): Use it.
2016-09-06activation: Don't fail if /var/lib exists.Leo Famulari
This is a followup to commit 6526d43ea4fb0cd151a0d5e9a072c651c1c963d1. * gnu/build/activation.scm (activate-user+groups): Use mkdir-p to create /var/lib.
2016-09-06activation: Allow home directories to be created under /var/lib.David Craven
* gnu/build/activation.scm (activate-user+groups): Make sure /var/lib exists.
2016-08-28system: Add 'create-home-directory?' field to <user-account>.Ludovic Courtès
* gnu/system/shadow.scm (<user-account>)[create-home-directory?]: New field. (user-account->gexp): Serialize it. * gnu/build/activation.scm (activate-users+groups)[activate-user]: Update 'match-lambda' pattern accordingly. Pass #:create-home? to 'ensure-user'. (add-user, modify-user, ensure-user): Add #:create-home? parameter and honor it. * doc/guix.texi (User Accounts): Document it.
2016-03-24activation: Copy account skeletons silently.Ludovic Courtès
* gnu/build/activation.scm (copy-account-skeletons): Pass #:log to 'copy-recursively'.
2016-03-20system: Allow account skeletons to be directories.Ludovic Courtès
* gnu/system/shadow.scm (skeleton-directory): Use 'copy-recursively' instead of 'copy-file'. * gnu/build/activation.scm (copy-account-skeletons): Likewise.
2015-05-09system: activate-ptrace-attach: Handle kernels without YAMA support.Mark H Weaver
* gnu/build/activation.scm (activate-ptrace-attach): Check for the existence of /proc/sys/kernel/yama/ptrace_scope before trying to write to it.
2015-05-05activation: Make user copies of the skeletons writable.Ludovic Courtès
* gnu/build/activation.scm (make-file-writable, make-skeletons-writable): New procedures. (copy-account-skeletons): Call 'make-file-writable' after 'copy-file'. (add-user): Add call to 'make-skeletons-writable'.
2015-04-12system: Allow users to PTRACE_ATTACH to their own processes.Ludovic Courtès
* gnu/build/activation.scm (activate-ptrace-attach): New procedure. * gnu/system.scm (operating-system-activation-script): Use it.
2015-04-08activation: Remove undeclared user accounts and groups.Ludovic Courtès
Fixes <http://bugs.gnu.org/19795>. Reported by David Thompson <dthompson2@worcester.edu>. * gnu/build/activation.scm (enumerate, current-users, current-groups, delete-user, delete-group): New procedures. (activate-users+groups): Add calls to 'delete-user' and 'delete-group'. * doc/guix.texi (User Accounts): Add a paragraph about statelessness. Explain that passwords are preserved.
2015-03-03system: Add /etc/ssl symlink; set needed variables in /etc/profile.Mark H Weaver
* gnu/build/activation.scm (activate-etc): Create /etc/ssl symlink. * gnu/system.scm (etc-directory): Set SSL_CERT_DIR, SSL_CERT_FILE, and GIT_SSL_CAINFO in /etc/profile. Co-Authored-By: Ludovic Courtès <ludo@gnu.org>
2014-12-13activation: Copy the account skeletons when creating the 'root' account.Ludovic Courtès
* gnu/build/activation.scm (%skeleton-directory): New variable. (dot-or-dot-dot?, copy-account-skeletons): New procedure. (add-user): Use 'copy-account-skeletons'. (activate-etc): Use 'dot-or-dot-dot?'.
2014-12-06activation: Don't create unneeded "/var/guix/gcroots/etc-directory".Ludovic Courtès
* gnu/build/activation.scm (activate-etc): Don't create "/var/guix/gcroots/etc-directory".
2014-11-11activation: Set the firmware search path.Ludovic Courtès
* gnu/build/activation.scm (activate-firmware): New procedure. * gnu/system.scm (<operating-system>)[firmware]: New field. (directory-union): New procedure. (%base-firmware): New variable. (operating-system-activation-script): Use 'directory-union', and call 'activate-firmware'. * doc/guix.texi (operating-system Reference): Document 'firmware'.
2014-11-02system: Allow Linux-libre to find our 'modprobe' command.Ludovic Courtès
Fixes <http://bugs.gnu.org/18525>. Reported by Mark H Weaver <mhw@netris.org>. * gnu/build/activation.scm (activate-modprobe): New procedure. * gnu/system.scm (modprobe-wrapper): New procedure. (operating-system-activation-script): Use both.
2014-09-22activation: Ensure existing user accounts have the right settings.Ludovic Courtès
* gnu/build/activation.scm (modify-user, ensure-user): New procedures. (activate-users+groups): Systematically call 'ensure-user'.
2014-09-12activation: Honor $GUIX_NEW_SYSTEM for use by 'guix system reconfigure'.Ludovic Courtès
* gnu/build/activation.scm (activate-current-system): Honor $GUIX_NEW_SYSTEM by default. * guix/scripts/system.scm (switch-to-system): Set $GUIX_NEW_SYSTEM before loading SCRIPT.
2014-09-12activation: Set the permissions of /etc/sudoers to 440.Ludovic Courtès
* gnu/build/activation.scm (activate-etc): Move 'rm-f' to a local 'define'. When TARGET is "sudoers", make it 440.
generated by cgit