From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id WHKgF3wSYl9KCAAA0tVLHw (envelope-from ) for ; Wed, 16 Sep 2020 13:26:20 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id 0HN2E3wSYl9jNgAAbx9fmQ (envelope-from ) for ; Wed, 16 Sep 2020 13:26:20 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id E4D5B94060B for ; Wed, 16 Sep 2020 13:26:19 +0000 (UTC) Received: from localhost ([::1]:43820 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kIXRy-0005a4-SC for larch@yhetil.org; Wed, 16 Sep 2020 09:26:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:53236) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kIXRa-0005Ya-67 for guix-devel@gnu.org; Wed, 16 Sep 2020 09:25:54 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:40108) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kIXRZ-0004ho-JL; Wed, 16 Sep 2020 09:25:53 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=39608 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1kIXRU-0004z9-8X; Wed, 16 Sep 2020 09:25:52 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: =?utf-8?Q?G=C3=A1bor?= Boskovits Subject: Re: Setuid programs References: <877dtj753p.fsf@gmail.com> <871rja3hdv.fsf@dustycloud.org> <87eena1tl5.fsf@dustycloud.org> <87wo12zhob.fsf@dustycloud.org> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: Jour de la Vertu de =?utf-8?Q?l'Ann=C3=A9e?= 228 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Wed, 16 Sep 2020 15:25:35 +0200 In-Reply-To: (=?utf-8?Q?=22G=C3=A1bor?= Boskovits"'s message of "Thu, 10 Sep 2020 09:27:08 +0200") Message-ID: <874knxonu8.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Guix-devel , Maxim Cournoyer Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -1.01 X-TUID: B4B8w5LDL0Ay Hi, G=C3=A1bor Boskovits skribis: > I have two reasons for that: backwards compatibility is really > important, so we should not break it, and I believe this would not be > hard to do. > On the other hand it would be nice to have a more integrated backend, > and move as many things into the services infrastructure as practical, > and I think this is a good candidate for that. Wdyt? There=E2=80=99s already =E2=80=98setuid-program-service-type=E2=80=99. I t= hink the way forward would be to: 1. Define the record type you propose. 2. Have =E2=80=98setuid-program-service-type=E2=80=99 accept that through= its extensions. When it receives something else, it should transparently turn it into a record, for backward compatibility, and emit a deprecation warning. 3. Document the OS =E2=80=98setuid-programs=E2=80=99 field as taking a li= st of such records. How does that sound? Thanks, Ludo=E2=80=99.