GNU bug report logs - #61462
Add support for file capabilities(7)

Previous Next

Package: guix-patches;

Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>

Date: Sun, 12 Feb 2023 20:46:01 UTC

Severity: normal

Tags: patch

Done: Tobias Geerinckx-Rice <me <at> tobias.gr>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Vagrant Cascadian <vagrant <at> debian.org>
To: Tobias Geerinckx-Rice <me <at> tobias.gr>, 61462 <at> debbugs.gnu.org
Subject: [bug#61462] Add support for file capabilities(7)
Date: Fri, 21 Jul 2023 11:53:55 -0700

[Message part 1 (text/plain, inline)]
Thanks for the refreshed v2 patches! I gave them a quick spin...

As noted on IRC, apparently it lacks actual calls to setcap, so that
part still needs another patch at least!

Otherwise, it did seem to more-or-less work...

There are compatibility symlinks from /run/setuid-programs to
/run/privledged/bin and it sets setuid on requested files.

I was a little curious about why /run/privlidged/bin as opposed to
without /bin ... keeping the door open for other privlidged things? What
about things that come from /gnu/store/*/sbin ? are those handled any
differently?

My only concern is... wow is it hard, even for a native speaker, to
spell privileged!

live well,
  vagrant

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 304 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.