GNU bug report logs -
#43851
[PATCH] gnu: sudo: Depend on python-minimal instead of python.
Previous Next
Reported by: Jan Nieuwenhuizen <janneke <at> gnu.org>
Date: Wed, 7 Oct 2020 17:05:01 UTC
Severity: normal
Tags: patch
Done: Jan Nieuwenhuizen <janneke <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your bug report
#43851: [PATCH] gnu: sudo: Depend on python-minimal instead of python.
which was filed against the guix-patches package, has been closed.
The explanation is attached below, along with your original report.
If you require more details, please reply to 43851 <at> debbugs.gnu.org.
--
43851: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=43851
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
Tobias Geerinckx-Rice writes:
Hello!
> Maxim Cournoyer 写道:
>> If we don't have any use for it, I think it may be better to let the
>> dependency go altogether, to keep sudo as small and secure as
>> possible.
>
> I don't think sudo is either, nor does the presence of Python affect
> that meaningfully. But let's stop this pointless discussion since
> removing it helps the Hurd progress. That's enough.
>
> The Hurd is a lot more exciting than the removal of sudo Python
> support -- and actually *will* improve security!
Thanks all, I've removed the python dependency from sudo; pushed to
master as 165e0918da54643bfaf9a6cb6b866f8692e9f8f9.
Greetings,
Janneke
--
Jan Nieuwenhuizen <janneke <at> gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
[Message part 3 (message/rfc822, inline)]
[Message part 4 (text/plain, inline)]
Hi,
Depending on python pulls in X11:
--8<---------------cut here---------------start------------->8---
$ guix graph --path sudo libx11
sudo <at> 1.9.3p1
python <at> 3.8.2
tk <at> 8.6.10
libx11 <at> 1.6.9
--8<---------------cut here---------------end--------------->8---
which is unfortunate, especially for the Hurd.
However...do we really want to extend sudo with eh, a large programming
language that has a more impressive CVE list than a lovely tiny language
such as, say Guile? ;)
Greetings,
Janneke
[0001-gnu-sudo-Depend-on-python-minimal-instead-of-python.patch (text/x-patch, inline)]
From e28a7f0679cc70f48f2583b2f3fe5f9a1984d6cc Mon Sep 17 00:00:00 2001
From: "Jan (janneke) Nieuwenhuizen" <janneke <at> gnu.org>
Date: Wed, 7 Oct 2020 18:49:29 +0200
Subject: [PATCH] gnu: sudo: Depend on python-minimal instead of python.
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
* gnu/packages/admin.scm (sudo)[inputs]: Use python-minimal instead of
python.
---
gnu/packages/admin.scm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index e62a145614..399c55a080 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -1499,7 +1499,7 @@ system administrator.")
("linux-pam" ,linux-pam)
,@(if (%current-target-system)
'()
- `(("python" ,python)))
+ `(("python" ,python-minimal)))
("zlib" ,zlib)))
(home-page "https://www.sudo.ws/")
(synopsis "Run commands as root")
--
Jan Nieuwenhuizen <janneke <at> gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
[Message part 6 (text/plain, inline)]
--
Jan Nieuwenhuizen <janneke <at> gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
This bug report was last modified 4 years and 227 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.