GNU bug report logs - #73680
privileged-programs: cant set setuid/setgid to new accounts/groups

Previous Next

Package: guix;

Reported by: Dariqq <dariqq <at> posteo.net>

Date: Mon, 7 Oct 2024 14:56:02 UTC

Severity: normal

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #25 received at 73680-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Dariqq <dariqq <at> posteo.net>
Cc: 73767-done <at> debbugs.gnu.org, 73680-done <at> debbugs.gnu.org
Subject: Re: [bug#73767] [PATCH] gnu: system: Privilege programs after
 creating accounts.
Date: Thu, 24 Oct 2024 12:14:50 +0200

Hi Dariqq,

Dariqq <dariqq <at> posteo.net> skribis:

> Ensure that users and groups are already created when the privileging script
> runs. The order these scripts appear in the folded activation-service depends
> on the order these services are instantiated in the operating-system.
>
> Fixes https://issues.guix.gnu.org/73680.
>
> * gnu/system.scm (operating-system-default-essential-services): Move
> privileged-program-service above account-service.
> (hurd-default-essential-services): Likewise.
>
> Change-Id: I662fb1eff42e4088496fccb76e0efbf2b1da096e

[...]

> I would prefer a solution that also models this dependency to not depend on input order but this might be tricky.

Yes, that would be best.

I applied both patches and took the liberty to squash them: we usually
arrange to have the bug-fix and the test that exhibits the bug in the
same commit, for clarity.

Thanks for the investigation & fix!

Ludo’.
This bug report was last modified 212 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.