| Age | Commit message (Expand) | Author |
|---|
| 2021-07-29 | services: setuid: More configurable setuid support....New record <setuid-program> with fields for setting the specific user
and group, as well as specifically selecting the setuid and setgid bits,
for a program within the setuid-program-service.
* gnu/services.scm (setuid-program-file-like-deprecated): New function.
(setuid-program-service-type): Make use of
setuid-program->activation-gexp. Adjust the extend property to handle
<setuid-program>.
* gnu/build/activation.scm (activate-setuid-programs): Update to expect a
<setuid-record> list for each program entry.
* gnu/system.scm: (operating-system-setuid-programs): Renamed to
%operating-system-setuid-programs and replace it with new procedure.
(operating-system-default-essential-services,
hurd-default-essential-services): Replace
operating-system-setuid-programs with
%operating-system-setuid-programs.
* gnu/system/setuid.scm: New file.
* doc/guix.texi (Setuid Programs): Document <setuid-program>.
Co-authored-by: Brice Waegeneire <brice@waegenei.re>
| Chris Lemmer-Webber |
| 2021-04-03 | activation: Do not dereference symlinks during home directory creation....Fixes <https://bugs.gnu.org/47584>.
* gnu/build/activation.scm (copy-account-skeletons): Do not chown the
home directory; leave this to 'activate-user-home'.
(activate-user-home): Only chown the home directory after the account
skeletons have been copied.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>.
| Maxime Devos |
| 2021-03-10 | services: Prevent following symlinks during activation....This addresses a potential security issue, where a compromised
service could trick the activation code in changing the permissions,
owner and group of arbitrary files. However, this patch is
currently only a partial fix, due to a TOCTTOU (time-of-check to
time-of-use) race, which can be fixed once guile has bindings
to openat and friends.
Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html>
* gnu/build/activation.scm: new procedure 'mkdir-p/perms'.
* gnu/services/authentication.scm
(%nslcd-activation, nslcd-service-type): use new procedure.
* gnu/services/cups.scm (%cups-activation): likewise.
* gnu/services/dbus.scm (dbus-activation): likewise.
* gnu/services/dns.scm (knot-activation): likewise.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Maxime Devos |
| 2021-02-09 | activation: Do not make setuid programs setgid-root [security]....Fixes <https://bugs.gnu.org/46395>.
Reported by Duncan Overbruck <mail@duncano.de>.
* gnu/build/activation.scm (activate-setuid-programs): Change TARGET
mode to not be setgid.
| Ludovic Courtès |
| 2020-06-09 | activation: Fix function call for system activation...* gnu/build/activation.scm (boot-time-system):
Evaluate the linux-command-line thunk for linux systems to boot
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| Royce Strange |
| 2020-06-08 | system: Support activation service for the Hurd....* gnu/build/activation.scm (boot-time-system): Use "command-line" for the
Hurd.
* gnu/system.scm (hurd-default-essential-services): Add %boot-service and
%activation-service.
| Jan (janneke) Nieuwenhuizen |
| 2020-01-06 | activation: Check whether /proc/sys/kernel/modprobe exists....* gnu/build/activation.scm (activate-modprobe): Check whether
/proc/sys/kernel/modprobe exists before writing to it.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
| kanichos@yandex.ru |
| 2020-01-02 | activation: Keep going when failing to create one of the setuid programs....Fixes <https://bugs.gnu.org/38800>.
Reported by Jakub Kądziołka <kuba@kadziolka.net>.
* gnu/build/activation.scm (activate-setuid-programs): Catch
'system-error' around 'make-setuid-program' calls.
| Ludovic Courtès |
| 2019-06-05 | activation: Lock /etc/.pwd.lock before accessing databases....Suggested by Florian Pelz <pelzflorian@pelzflorian.de>
in <http://bugs.gnu.org/35996>.
* gnu/build/accounts.scm (%password-lock-file): New variable.
* gnu/build/activation.scm (activate-users+groups): Wrap calls to
'user+group-databases', 'write-group', etc. into 'with-file-lock'.
| Ludovic Courtès |
| 2019-03-08 | activation: Shared system home directories are now 555 and root-owned....Fixes <https://bugs.gnu.org/34788>.
Reported by Jack Hill <jackhill@jackhill.us>.
Regression introduced by the combination of
8bb76f3d44c1f5ffec8011819494db306a51d801 and
0ae735bcc8ff7fdc89d67b492bdee9091ee19e86: /var/empty would be 700 and
owned by one of the system accounts (thus inaccessible to others), and
/var/run/dbus would be 700 as well, thereby preventing D-Bus clients
from connecting to the daemon.
* gnu/build/activation.scm (duplicates): New procedure.
(activate-users+groups)[system-accounts]: New variable.
Use it. Make shared system account home directories #o555 and
root-owned.
* gnu/services/dbus.scm (dbus-activation): Make /var/run/dbus #o755.
* gnu/tests/base.scm (run-basic-test): Test the ownership and
permissions of /var/empty.
| Ludovic Courtès |
| 2019-03-07 | activation: Build account databases with (gnu build accounts)....* gnu/build/activation.scm (enumerate, current-users, current-groups)
(add-group, add-user, modify-user, ensure-user): Remove.
(activate-users+groups)[touch, activate-user]: Remove.
[make-home-directory]: New procedure.
Rewrite in terms of 'user+group-databases', 'write-group', etc.
* gnu/build/install.scm (directives): Remove "/root".
* gnu/system/shadow.scm (account-activation): Remove (setenv "PATH" ...)
expression, which is now unneeded.
| Ludovic Courtès |
| 2019-03-07 | activation: Operate on <user-account> and <user-group> records....* gnu/system/accounts.scm (sexp->user-group, sexp->user-account): New
procedures.
* gnu/system/shadow.scm (account-activation): Call them in the arguments
to 'activate-users+groups'.
(account-shepherd-service): Likewise.
* gnu/build/activation.scm (activate-users+groups): Expect a list of
<user-account> and a list of <user-group>. Replace uses of 'match' on
tuples with calls to record accessors.
(activate-user-home): Likewise.
| Ludovic Courtès |
| 2019-03-04 | activation: Make home directories #o700 by default....Until now they'd be #o755, except for /root, which is treated specially
in (gnu build install).
* gnu/build/activation.scm (activate-user-home): Chmod HOME to #o700.
Remove redundant 'unless system?'.
| Ludovic Courtès |
| 2018-11-18 | activation: Aways pass '-d HOME' to 'useradd'....Fixes <https://bugs.gnu.org/33422>.
Reported by fps.
* gnu/build/activation.scm (add-user): Always pass "-d HOME" when HOME
is true. Pass "--create-home" only when HOME, CREATE-HOME?, and SYSTEM?
are true.
(activate-users+groups): Pass #:create-home? create-home? to
'ensure-user'.
* gnu/tests/base.scm (run-basic-test)["accounts"]: Test 'passwd:dir' as
well.
| Ludovic Courtès |
| 2018-03-27 | activation: Pass '-d HOME' to 'usermod'....Fixes a bug whereby changes to user home directories in the OS config
would never be effective.
Reported by Pierre Neidhardt <ambrevar@gmail.com>.
* gnu/build/activation.scm (modify-user): Pass '-d HOME'.
| Ludovic Courtès |
