blob 00319aabdcc0e2412ac59407b7c10b9582108184 2725 bytes (raw)
name: gnu/services/setuid.scm # note: path name is non-authoritative(*)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
| | (define-module (gnu services setuid)
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system setuid)
#:use-module (guix gexp)
#:use-module (guix modules)
#:use-module (srfi srfi-1)
#:export (setuid-program-service-type))
(define (setuid-programs->shepherd-service programs)
(let ((programs (map (lambda (program)
;; FIXME This is really ugly, I didn't managed to use
;; "inherit"
(let ((program-name (setuid-program-program program))
(setuid? (setuid-program-setuid? program))
(setgid? (setuid-program-setgid? program))
(user (setuid-program-user program))
(group (setuid-program-group program)) )
#~(setuid-program
(setuid? #$setuid?)
(setgid? #$setgid?)
(user #$user)
(group #$group)
(program #$program-name))))
programs)))
(with-imported-modules (source-module-closure
'((gnu system setuid)
(gnu build activation)))
(list (shepherd-service
(documentation "Populate @file{/run/setuid-programs}.")
(provision '(setuid-programs))
;; TODO: actually need to require account service. maybe user-homes
;; as a proxy?
(requirement '(file-systems))
(one-shot? #t)
(modules '((gnu system setuid)
(gnu build activation)))
(start #~(lambda ()
(activate-setuid-programs (list #$@programs))
#t)))))))
(define setuid-program-service-type
(service-type (name 'setuid-program)
(extensions
(list
(service-extension shepherd-root-service-type
setuid-programs->shepherd-service)
;; Ensure that setuid programs are set up by the time they
;; might be needed by user-configured processes and daemons.
(service-extension user-processes-service-type
(const '(setuid-programs)))))
(compose concatenate)
(extend append)
(default-value '())
(description
"Populate @file{/run/setuid-programs} with the specified
executables, making them setuid and/or setgid.")))
|
debug log:
solving 00319aabdc ...
found 00319aabdc in https://yhetil.org/guix-patches/be028df8c5863da26b4818fdc1e27511b8b33b89.1686142757.git.bjc@spork.org/
applying [1/1] https://yhetil.org/guix-patches/be028df8c5863da26b4818fdc1e27511b8b33b89.1686142757.git.bjc@spork.org/
diff --git a/gnu/services/setuid.scm b/gnu/services/setuid.scm
new file mode 100644
index 0000000000..00319aabdc
Checking patch gnu/services/setuid.scm...
Applied patch gnu/services/setuid.scm cleanly.
index at:
100644 00319aabdcc0e2412ac59407b7c10b9582108184 gnu/services/setuid.scm
(*) Git path names are given by the tree(s) the blob belongs to.
Blobs themselves have no identifier aside from the hash of its contents.^
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).