;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu system setuid)
  #:use-module (guix records)
  #:export (setuid-program
            setuid-program?
            setuid-program-program
            setuid-program-setuid?
            setuid-program-setgid?
            setuid-program-user
            setuid-program-group

            file-like->setuid-program))

;;; Commentary:
;;;
;;; Data structures representing setuid/setgid programs.  This is meant to be
;;; used both on the host side and at run time--e.g., in activation snippets.
;;;
;;; Code:

(define-record-type* <setuid-program>
  setuid-program make-setuid-program
  setuid-program?
  ;; Path to program to link with setuid permissions
  (program       setuid-program-program) ;file-like
  ;; Whether to set user setuid bit
  (setuid?       setuid-program-setuid? ;boolean
                 (default #t))
  ;; Whether to set group setgid bit
  (setgid?       setuid-program-setgid? ;boolean
                 (default #f))
  ;; The user this should be set to (defaults to root)
  (user          setuid-program-user    ;integer or string
                 (default 0))
  ;; Group we want to set this to (defaults to root)
  (group         setuid-program-group   ;integer or string
                 (default 0)))

(define (file-like->setuid-program program)
  (setuid-program (program program)))
bmit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=ce860cdd87106857f19147529f091592a8937838&amp;showmsg=1'>root</a>/<a href='/guix/log/gnu?id=ce860cdd87106857f19147529f091592a8937838&amp;showmsg=1'>gnu</a>/<a href='/guix/log/gnu/system?id=ce860cdd87106857f19147529f091592a8937838&amp;showmsg=1'>system</a>/<a href='/guix/log/gnu/system/accounts.scm?id=ce860cdd87106857f19147529f091592a8937838&amp;showmsg=1'>accounts.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/system/accounts.scm?id=ce860cdd87106857f19147529f091592a8937838'>Collapse</a>)</th><th class='left'>Author</th></tr>
<tr class='logheader'><td><span title='2023-10-05 23:14:54 +0200'>2023-10-05</span></td><td class='logsubject'><a href='/guix/commit/gnu/system/accounts.scm?id=97927608cb4f9c5d721115f1cb638de17ac38e62'>Revert "system: accounts: Export &lt;user-account&gt;."</a></td><td>Ludovic Courtès</td></tr>
<tr class='nohover-highlight'><td/><td colspan='3' class='logmsg'>
This reverts commit 03795e2ba27424fc98957da00f6c71325e7ae425.
Fixes &lt;https://issues.guix.gnu.org/66279&gt;.


</td></tr>
<tr class='logheader'><td><span title='2023-08-20 02:00:00 +0200'>2023-08-20</span></td><td class='logsubject'><a href='/guix/commit/gnu/system/accounts.scm?id=5a2c3352d8f8a08a5ba01542a3f282799e503d33'>Revert "gnu: system: Add home-directory-permissions field to &lt;user-account&gt;."</a></td><td>Tobias Geerinckx-Rice</td></tr>
<tr class='nohover-highlight'><td/><td colspan='3' class='logmsg'>
This reverts commit e9a5eebc785cb843034b38c5c5a6dd10904bdf2a, which
as far as I can tell breaks system roll-backs thusly:

[...]
In gnu/build/accounts.scm:
   239:27  3 (_ #&lt;&lt;password-entry&gt; name: "root" password: "x" uid: 0 gid: 0 real-name: "System &gt;)
In unknown file:
           2 (string-join ("root" "x" "0" "0" "System administrator" "/root" #t) ":" #&lt;undefined&gt;)
In ice-9/boot-9.scm:
  1685:16  1 (raise-exception _ #:continuable? _)
  1685:16  0 (raise-exception _ #:continuable? _)

ice-9/boot-9.scm:1685:16: In procedure raise-exception:
In procedure string-append: Wrong type (expecting string): #t


</td></tr>
<tr class='logheader'><td><span title='2023-08-25 15:12:54 +0200'>2023-08-25</span></td><td class='logsubject'><a href='/guix/commit/gnu/system/accounts.scm?id=e9a5eebc785cb843034b38c5c5a6dd10904bdf2a'>gnu: system: Add home-directory-permissions field to &lt;user-account&gt;.</a></td><td>David Thompson</td></tr>
<tr class='nohover-highlight'><td/><td colspan='3' class='logmsg'>
* gnu/system/accounts.scm (&lt;user-account&gt;)[home-directory-permissions]: New
field.
(user-account-home-directory-permissions): New accessor.
* gnu/build/activation.scm (activate-users+groups): Use home directory
permission bits from the user account object.
* doc/guix.texi (User Accounts): Document new field.

Signed-off-by: Josselin Poiret &lt;dev@jpoiret.xyz&gt;


</td></tr>
<tr class='logheader'><td><span title='2023-07-26 10:40:16 -0400'>2023-07-26</span></td><td class='logsubject'><a href='/guix/commit/gnu/system/accounts.scm?id=03795e2ba27424fc98957da00f6c71325e7ae425'>system: accounts: Export &lt;user-account&gt;.</a></td><td>Maxim Cournoyer</td></tr>
<tr class='nohover-highlight'><td/><td colspan='3' class='logmsg'>
</td></tr>