aboutsummaryrefslogtreecommitdiff
path: root/gnu/system/privilege.scm
blob: fe6e60ad7c4dd5d80bf46416d8c11656fcd1979f (about) (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;; Copyright © 2022 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu system privilege)
  #:use-module (guix records)
  #:export (privileged-program
            privileged-program?
            privileged-program-program
            privileged-program-setuid?
            privileged-program-setgid?
            privileged-program-user
            privileged-program-group
            privileged-program-capabilities

            file-like->setuid-program))

;;; Commentary:
;;;
;;; Data structures representing privileged programs: binaries with additional
;;; permissions such as setuid/setgid, or POSIX capabilities.  This is meant to
;;; be used both on the host side and at run time--e.g., in activation snippets.
;;;
;;; Code:

(define-record-type* <privileged-program>
  privileged-program make-privileged-program
  privileged-program?
  ;; File name of the program to assign elevated privileges.
  (program       privileged-program-program) ;file-like
  ;; Whether to set the setuid (‘set user ID’) bit.
  (setuid?       privileged-program-setuid? ;boolean
                 (default #f))
  ;; Whether to set the setgid (‘set group ID’) bit.
  (setgid?       privileged-program-setgid? ;boolean
                 (default #f))
  ;; The user name or ID this should be set to (defaults to root's).
  (user          privileged-program-user ;integer or string
                 (default 0))
  ;; The group name or ID we want to set this to (defaults to root's).
  (group         privileged-program-group ;integer or string
                 (default 0))
  ;; POSIX capabilities in cap_from_text(3) form (defaults to #f: none).
  (capabilities  privileged-program-capabilities ;string or #f
                 (default #f)))

(define (file-like->setuid-program program)
  "Simple wrapper to facilitate MAPping over a list of file-like objects and
make them setuid, a pattern just common enough to justify a special helper."
  (privileged-program (program program)
                      (setuid? #t)))
generated by cgit
=fa98837b1d9586b9ca7bf77dae22c3bde0fc59b5'>nls: Update translations....* po/guix/ar.po: New file. * po/guix/LINGUAS: Add 'ar'. * po/doc/guix-cookbook.pt_BR.po: New file. * po/doc/local.mk: Add 'pt_BR' cookbook. * doc/local.mk: Add 'pt_BR' cookbook. * doc/htmlxref.cnf: Update URLs for cookbook. * doc/build.scm (%cookbook-languages): Add 'ko', 'pt_BR'. * doc/guix-cookbook.texi (Top): Mention 'ko', 'pt_BR' cookbook. Change-Id: Id1846ca100263b3fc1fa2ed52654c670270ee809 Florian Pelz 2024-02-29nls: Update translations....Change-Id: Ic1506db5813880153b6def005011618dc4529e8f Florian Pelz 2024-02-01nls: Update translations....Change-Id: I42b5d41bdd5cd1b096c977e132b7a85992223402 Florian Pelz 2024-01-28home: Add home-dotfiles-service....* gnu/home/service/dotfiles.scm: New file; * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * po/guix/POTFILES.in: Add it. * doc/guix.texi (Essential Home Services): Document it. Change-Id: I6769169cfacefc3842faa5b31bee081c56c28743 Co-authored-by: Ludovic Courtès <ludo@gnu.org> Giacomo Leidi 2024-01-01nls: Update translations....Change-Id: Ib407fd37896cc8653f5bfb1f76dba9dc775c8c10 Florian Pelz 2023-12-01nls: Update translations....* po/guix/ca.po: New file. * po/guix/LINGUAS: Add ca.$ Change-Id: Ibae3f58ba702d7c5a4fafdd59a19f70aa8e18212 Florian Pelz 2023-10-31nls: Update translations....Change-Id: I432aec0ea31ead192d6444c96dc42038f5c7ab9a Florian Pelz 2023-10-05doc: Fix channel name typo....When the manual has "variant-personal-packages", it actually refers to the channel "variant-packages", as it is named so elsewhere. To correct this, I ran the command grep -r -l variant-personal-packages | xargs \ sed -i 's/variang-personal-packages/variant-packages/g' * doc/guix.texi (Specifying Additional Channels): Fix channel name typo. * po/doc/guix-manual.de.po: Fix channel name typo. * po/doc/guix-manual.es.po: Fix channel name typo. * po/doc/guix-manual.fr.po: Fix channel name typo. * po/doc/guix-manual.pt_BR.po: Fix channel name typo. * po/doc/guix-manual.ru.po: Fix channel name typo. * po/doc/guix-manual.zh_CN.po: Fix channel name typo. Signed-off-by: Nikolaos Chatzikonstantinou <nchatz314@gmail.com> Signed-off-by: Ludovic Courtès <ludo@gnu.org> Nikolaos Chatzikonstantinou 2023-09-30nls: Update translations.Florian Pelz 2023-08-31nls: Update translations.Florian Pelz 2023-07-31nls: Update translations.Florian Pelz 2023-06-30nls: Update translations....* po/packages/ja.po: New file. * po/packages/LINGUAS: Add it. Florian Pelz 2023-06-18Add 'guix locate'....* guix/scripts/locate.scm, tests/guix-locate.sh: New files. * Makefile.am (MODULES): Add 'guix/scripts/locate.scm'. (SH_TESTS): Add 'tests/guix-locate.sh'. * po/guix/POTFILES.in: Add it. * doc/guix.texi (Invoking guix locate): New node. Co-authored-by: Antoine R. Dumont <antoine.romain.dumont@gmail.com> Ludovic Courtès 2023-05-31nls: Update translation keys for guix gc....* po/*/*.po (guix/scripts/gc.scm): Round MiBs in user feedback. Signed-off-by: Florian Pelz <pelzflorian@pelzflorian.de> Remco van 't Veer 2023-05-31nls: Update translations....* doc/guix-cookbook.texi (Top): Mention Slovak. Florian Pelz 2023-04-08nls: Make sure gnu/home/services/*.scm files are translatable....* po/guix/POTFILES.in: Add missing gnu/home/services/*.scm files. Ludovic Courtès 2023-03-16gnu: home: services: Add home-kodi-service-type....* gnu/home/services/media.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * po/guix/POTFILES.in: Likewise. * doc/guix.texi (Media Home Services): Document it in new subsection. Jan (janneke) Nieuwenhuizen 2023-03-16gnu: home: services: Add home-znc-service-type....* gnu/home/services/messaging.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * po/guix/POTFILES.in: Likewise. * doc/guix.texi (Messaging Home Services): Document it in new subsection. Jan (janneke) Nieuwenhuizen 2023-03-07nls: Fix more Texinfo Italiano....po/guix/it.po: Fix `@esempio`, `@sempio`, `@fine`. Julien Lepiller 2023-03-07nls: Update translations.Julien Lepiller 2023-02-26nls: Fix more Texinfo Italiano....* po/guix/it.po: Fix ‘@opzione’, ‘@comando’. Tobias Geerinckx-Rice 2023-02-26nls: Fix typo in Italian translation....I will, of course, fix this in Weblate or find someone who can, but this currently breaks ‘guix system search cups’. * po/guix/it.po: Fix ‘@dnf’ typo. Reported by tux_life in #guix: https://issues.guix.gnu.org/61961 Tobias Geerinckx-Rice 2023-02-03gnu: Remove key-mon.scm....The file is empty. * gnu/packages/key-mon.scm: Remove file. * gnu/local.mk (GNU_SYSTEM_MODULES): Remove it. * po/packages/POTFILES.in: Remove it. Julien Lepiller 2023-01-05nls: Update translations....* po/guix/ka.po: New file. * po/guix/LINGUAS: Add it. * po/packages/uk.po: New file. * po/packages/LINGUAS: Add it. Julien Lepiller 2022-12-15doc: Use VM image file name consistently....Previously, what "/tmp/qemu-image" refers to could be unclear at first. * doc/guix.texi (Running Guix in a VM): Use the original image file name instead of /tmp/qemu-image. * po/doc/guix-manual.de.po, po/doc/guix-manual.es.po, po/doc/guix-manual.fr.po, po/doc/guix-manual.pt_BR.po, po/doc/guix-manual.ru.po, po/doc/guix-manual.zh_CN.po: Adjust accordingly. Ludovic Courtès 2022-12-04nls: Update translations....po/packages/vi.po: New file. po/packages/LINGUAS: Add it. Julien Lepiller