[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#61462] [PATCH 08/10] services: Rename setuid-program-service-type.
|
From: |
Tobias Geerinckx-Rice |
|
Subject: |
[bug#61462] [PATCH 08/10] services: Rename setuid-program-service-type. |
|
Date: |
Sun, 5 Feb 2023 01:00:17 +0100 |
* gnu/services.scm (setuid-program->activation-gexp): Rename this…
(privileged-program->activation-gexp): …to this.
Operate on a list of <privileged-program> records.
(privileged-program-service-type): New variable, renamed from
setuid-program-service-type. Rename the service-type accordingly.
(setuid-program-service-type): Redefine as an alias for the above.
---
gnu/services.scm | 34 ++++++++++++++++++++--------------
1 file changed, 20 insertions(+), 14 deletions(-)
diff --git a/gnu/services.scm b/gnu/services.scm
index af9f4e1db6..09ff58dcd1 100644
--- a/gnu/services.scm
+++ b/gnu/services.scm
@@ -43,6 +43,7 @@ (define-module (gnu services)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
#:use-module (gnu packages hurd)
+ #:use-module (gnu system privilege)
#:use-module (gnu system setuid)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-9)
@@ -110,7 +111,8 @@ (define-module (gnu services)
extra-special-file
etc-service-type
etc-directory
- setuid-program-service-type
+ privileged-program-service-type
+ setuid-program-service-type ; deprecated
profile-service-type
firmware-service-type
gc-root-service-type
@@ -810,17 +812,17 @@ (define (etc-service files)
FILES must be a list of name/file-like object pairs."
(service etc-service-type files))
-(define (setuid-program->activation-gexp programs)
- "Return an activation gexp for setuid-program from PROGRAMS."
+(define (privileged-program->activation-gexp programs)
+ "Return an activation gexp for privileged-program from PROGRAMS."
(let ((programs (map (lambda (program)
;; FIXME This is really ugly, I didn't managed to use
;; "inherit"
- (let ((program-name (setuid-program-program program))
- (setuid? (setuid-program-setuid? program))
- (setgid? (setuid-program-setgid? program))
- (user (setuid-program-user program))
- (group (setuid-program-group program)) )
- #~(setuid-program
+ (let ((program-name (privileged-program-program
program))
+ (setuid? (privileged-program-setuid?
program))
+ (setgid? (privileged-program-setgid?
program))
+ (user (privileged-program-user program))
+ (group (privileged-program-group
program)) )
+ #~(privileged-program
(setuid? #$setuid?)
(setgid? #$setgid?)
(user #$user)
@@ -828,17 +830,17 @@ (define (setuid-program->activation-gexp programs)
(program #$program-name))))
programs)))
(with-imported-modules (source-module-closure
- '((gnu system setuid)))
+ '((gnu system privilege)))
#~(begin
- (use-modules (gnu system setuid))
+ (use-modules (gnu system privilege))
(activate-privileged-programs (list #$@programs))))))
-(define setuid-program-service-type
- (service-type (name 'setuid-program)
+(define privileged-program-service-type
+ (service-type (name 'privileged-program)
(extensions
(list (service-extension activation-service-type
- setuid-program->activation-gexp)))
+
privileged-program->activation-gexp)))
(compose concatenate)
(extend (lambda (config extensions)
(append config extensions)))
@@ -850,6 +852,10 @@ (define setuid-program-service-type
symbolic links to their @file{/run/privileged/bin} counterpart. It will be
removed in a future Guix release.")))
+(define setuid-program-service-type
+ ;; Deprecated alias to ease transition. Will be removed!
+ privileged-program-service-type)
+
(define (packages->profile-entry packages)
"Return a system entry for the profile containing PACKAGES."
;; XXX: 'mlet' is needed here for one reason: to get the proper
--
2.39.1
- [bug#61462] Add support for file capabilities(7), Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 01/10] system: Disallow file-like setuid-programs., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 02/10] services: setuid-program: Populate /run/privileged/bin., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 04/10] gnu: Replace (almost) all uses of /run/setuid-programs., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 06/10] system: (gnu system setuid) wraps (gnu system privilege)., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 03/10] system: Use /run/privileged/bin in search paths., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 09/10] system: Use privileged-program-service-type by default., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 08/10] services: Rename setuid-program-service-type.,
Tobias Geerinckx-Rice <=
- [bug#61462] [PATCH 07/10] build: Rename activate-setuid-programs., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 05/10] system: Add (gnu system privilege)., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] [PATCH 10/10] system: Add privileged-programs to <operating-system>., Tobias Geerinckx-Rice, 2023/02/12
- [bug#61462] Add support for file capabilities(7), Tobias Geerinckx-Rice, 2023/02/12