Hi Janneke, On Wed, 07 Oct 2020 19:04:27 +0200 Jan Nieuwenhuizen wrote: > Depending on python pulls in X11: > > --8<---------------cut here---------------start------------->8--- > $ guix graph --path sudo libx11 > sudo@1.9.3p1 > python@3.8.2 > tk@8.6.10 > libx11@1.6.9 > --8<---------------cut here---------------end--------------->8--- > > which is unfortunate, especially for the Hurd. > > However...do we really want to extend sudo with eh, a large programming > language that has a more impressive CVE list than a lovely tiny language > such as, say Guile? ;) I am very much in favor of not having unnecessary dependencies in things which are suid root. Also, there already IS PAM support in sudo, and PAM has modules--so why have yet another weird new mechanism? For auditing, there is auditd (even in Guix already). Furthermore, it makes updating sudo more brittle. Also, we removed when cross-compiling already, pointing to other problems. Please remove the python dependency entirely.