From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id mMz5Clb7s1/VbAAA0tVLHw (envelope-from ) for ; Tue, 17 Nov 2020 16:33:26 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id KGrfBlb7s1/bKwAA1q6Kng (envelope-from ) for ; Tue, 17 Nov 2020 16:33:26 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 2F88E9401CD for ; Tue, 17 Nov 2020 16:33:25 +0000 (UTC) Received: from localhost ([::1]:38074 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kf3v1-00043T-U9 for larch@yhetil.org; Tue, 17 Nov 2020 11:33:23 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:38322) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kf3ug-000413-M1 for guix-patches@gnu.org; Tue, 17 Nov 2020 11:33:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:49436) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kf3ug-0008RK-Cd for guix-patches@gnu.org; Tue, 17 Nov 2020 11:33:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kf3ug-0005va-AE for guix-patches@gnu.org; Tue, 17 Nov 2020 11:33:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#44700] services: setuid: More configurable setuid support. Resent-From: Christopher Lemmer Webber Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 17 Nov 2020 16:33:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 44700 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 44700@debbugs.gnu.org Received: via spool by 44700-submit@debbugs.gnu.org id=B44700.160563073822736 (code B ref 44700); Tue, 17 Nov 2020 16:33:02 +0000 Received: (at 44700) by debbugs.gnu.org; 17 Nov 2020 16:32:18 +0000 Received: from localhost ([127.0.0.1]:60982 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kf3tx-0005ud-Oi for submit@debbugs.gnu.org; Tue, 17 Nov 2020 11:32:18 -0500 Received: from dustycloud.org ([50.116.34.160]:49976) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kf3tv-0005uV-BF for 44700@debbugs.gnu.org; Tue, 17 Nov 2020 11:32:16 -0500 Received: from twig (localhost [127.0.0.1]) by dustycloud.org (Postfix) with ESMTPS id 6885B26665; Tue, 17 Nov 2020 11:31:50 -0500 (EST) References: <874klog9tk.fsf@dustycloud.org> <87r1oss4dg.fsf@gnu.org> User-agent: mu4e 1.4.13; emacs 27.1 From: Christopher Lemmer Webber In-reply-to: <87r1oss4dg.fsf@gnu.org> Date: Tue, 17 Nov 2020 11:31:13 -0500 Message-ID: <87sg98djxq.fsf@dustycloud.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -1.0 (-) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Scanner: ns3122888.ip-94-23-21.eu Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: -1.01 X-TUID: hgn7jWex9Uwn Ludovic Court=C3=A8s writes: > Hello! > > Christopher Lemmer Webber skribis: > >>>>From eadac673fb22132c555a4e1cee57a6308ecfdad4 Mon Sep 17 00:00:00 2001 >> From: Christopher Lemmer Webber >> Date: Sun, 15 Nov 2020 16:58:52 -0500 >> Subject: [PATCH] services: setuid: More configurable setuid support. >> >> New record with fields for setting the specific user and >> group, as well as specifically selecting the setuid and setgid bits, for= a >> program within the setuid-program-service. >> >> * gnu/services.scm (): New record type. >> (setuid-program, make-setuid-program, setuid-program?) >> (setuid-program-program, stuid-program-setuid?, setuid-program-setgid?) >> (setuid-program-user, setuid-program-group): New variables, export the= m. >> (setuid-program-entry): New variable, a procedure used for the >> service-extension of activation-service-type as set up by >> setuid-program-service-type. Unpacks the record, >> handing off within the gexp to activate-setuid-programs. >> (setuid-program-service-type): Make use of setuid-program-entry. >> * gnu/build/activation.scm (activate-setuid-programs): Update to expect a >> ftagged list for each program entry, pre-unpacked from the >> record before being handed to this procedure. > > This looks like the right approach to me! > >> + (for-each (match-lambda >> + [('setuid-program src-path setuid? setgid? user group) >> + (let ((uid (match user >> + [(? string?) (passwd:uid (getpwnam user))] >> + [(? integer?) user])) >> + (gid (match group >> + [(? string?) (group:gid (getgrnam user))] >> + [(? integer?) group]))) >> + (catch 'system-error >> + (lambda () >> + (let ((target (string-append %setuid-directory >> + "/" (basename src-pat= h))) >> + (mode (+ #o0555 ; base per= missions >> + (if setuid? #o4000 0) ; setuid b= it >> + (if setgid? #o2000 0)))) ; setgid b= it >> + (copy-file src-path target) >> + (chown target uid gid) >> + (chmod target mode))) > > Nitpick: I=E2=80=99d write =E2=80=9Cprogram=E2=80=9D or =E2=80=9Csource= =E2=80=9D instead of =E2=80=9Csrc-path=E2=80=9D and avoid > square brackets for consistency with the rest of the code base (you > spent time in Racket-land, didn=E2=80=99t you? ;-)). Sounds good. And yes, Racket influence is shining through, oops! >> +(define (setuid-program-entry programs) >> + #~(activate-setuid-programs >> + ;; convert into a tagged list structure as expected by >> + ;; activate-setuid-programs >> + (list #$@(map (match-lambda >> + [(? setuid-program? sp) >> + #~(list 'setuid-program >> + #$(setuid-program-program sp) >> + #$(setuid-program-setuid? sp) >> + #$(setuid-program-setgid? sp) >> + #$(setuid-program-user sp) >> + #$(setuid-program-group sp))] >> + ;; legacy, non- structure >> + [program >> + ;; TODO: Spit out a warning here? >> + #~(list 'setuid-program >> + #$program >> + #t #t 0 0)]) >> + programs)))) > > Maybe what we could do is rename =E2=80=98operating-system-setuid-program= s=E2=80=99 to > =E2=80=99%operating-system-setuid-programs=E2=80=99, keep that internal, = and add a new > =E2=80=98operating-system-setuid-programs=E2=80=99 that calls the other o= ne and > =E2=80=9Ccanonicalizes=E2=80=9D list entries so that they=E2=80=99re all = > records. "rename"? There is no operating-system-setuid-programs so I'm not sure what you mean to rename from... setuid-program-entry, or presumably activate-setuid-programs...? > It would call: > > (warning log (G_ "representing setuid programs with strings is \ > deprecated; use 'setuid-program' instead~%")) Aha, I wasn't sure what to use for deprecation warnings actually, so this is helpful, thanks! > WDYT? > > Could you also update the =E2=80=9CSetuid Programs=E2=80=9D section of th= e manual? Happy to do it. > In a subsequent commit, we need to adjust all the services that extend > =E2=80=98setuid-program-service-type=E2=80=99 so they pass a and not a > string. Yes... let's worry about that once this interface is hammered out. :) Glad it seems like the general approach was right though! > Thanks! > > Ludo=E2=80=99.