GNU bug report logs - #73680
privileged-programs: cant set setuid/setgid to new accounts/groups

Previous Next

Package: guix;

Reported by: Dariqq <dariqq <at> posteo.net>

Date: Mon, 7 Oct 2024 14:56:02 UTC

Severity: normal

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #14 received at 73680 <at> debbugs.gnu.org (full text, mbox):

From: Dariqq <dariqq <at> posteo.net>
To: 73680 <at> debbugs.gnu.org
Subject: Re: bug#73680: privileged-programs: cant set setuid/setgid to new
 accounts/groups
Date: Wed,  9 Oct 2024 16:35:36 +0000


The problem is the ordering of the services which is responsible for the 
order in the activation-service-type after folding:

https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/system.scm#n808

It currently looks something like this (omitting some things)


activation-service
...
account-service
etc-service
...
privileged-program-service

---

which are added to the folded activation-service in reverse order (one 
can check this by looking at the service-value of

(fold-services (operating-system-services %os) #:target-type 
activation-service-type)


I think the easiest solution would be to either move the 
privileged-program-service-type up or the account-service down.


Because activation-service is above account-service users/groups are 
already available for direct activation-service extensions that set 
permission/ownership on files

This bug report was last modified 212 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #73680 privileged-programs: cant set setuid/setgid to new accounts/groups

GNU bug report logs - #73680
privileged-programs: cant set setuid/setgid to new accounts/groups