On 2022-02-04 23:10, Ludovic Courtès wrote:

> Hi!
>
> Andrew Tropin <andrew@trop.in> skribis:
>
>> From ad876e5b134072601fa97d82a39b320a269f34a5 Mon Sep 17 00:00:00 2001
>> From: Andrew Tropin <andrew@trop.in>
>> Date: Thu, 13 Jan 2022 21:41:58 +0300
>> Subject: [RFC PATCH v2] gnu: linux-pam: Change path to unix_chkpwd helper.
>>
>> * gnu/packages/patches/change-path-to-unix_chkpwd.patch: New file
>> * gnu/packages/linux.scm (linux-pam): Add patch.
>> * gnu/system/pam.scm (pam-root-service-type): Add unix_chkpwd to setuid
>> binaries.
>
> [...]
>
>> +     DIAG_PUSH_IGNORE_CAST_QUAL;
>> +-    execve(CHKPWD_HELPER, (char *const *) args, envp);
>> ++    execve("/run/setuid-programs/unix_chkpwd", (char *const *) args, envp);
>> +     DIAG_POP_IGNORE_CAST_QUAL;
>
> Looks reasonable to me.  However, could you change the CHKPWD_HELPER
> macro definition in the Makefile template, as you suggested, instead of
> patching the file?

Sure, done in v3.