diff options
author | Ludovic Courtès <ludo@gnu.org> | 2021-08-12 11:58:47 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2021-08-12 12:34:13 +0200 |
commit | e0bd47b4fd5eb009f34004242e16b976e58756b0 (patch) | |
tree | 3f94668f99d34f279ddf113ca48d2c1e10f29ec5 /gnu/services.scm | |
parent | 5291fd7a4205394b863a8705b32fbb447321dc60 (diff) | |
download | guix-e0bd47b4fd5eb009f34004242e16b976e58756b0.tar.gz |
system: Handle 'setuid-programs' deprecation handling as a field sanitizer.
Previously, evaluating an OS configuration with a childhurd (for instance) would produce tens of lines like: guix system: warning: representing setuid programs with '#<file-append #<package shadow@4.8.1 gnu/packages/admin.scm:798 7ff97f6f7640> "/bin/passwd">' is deprecated; use 'setuid-program' instead Now, it prints this one line: gnu/system/hurd.scm:105:2: warning: representing setuid programs with file-like objects is deprecated; use 'setuid-program' instead This change also means that extensions of 'setuid-program-service-type' now have to provide a list of <setuid-program>, so it's stricter in this sense. * gnu/services.scm (setuid-program-file-like-deprecated): Remove. (setuid-program-service-type)[extend]: Remove 'setuid-program-file-like-deprecated' call. Assume CONFIG and EXTENSIONS are already lists of <setuid-program> records. * gnu/system.scm (<operating-system>)[setuid-programs]: Add 'sanitize' property. Change accessor name from '%operating-system-setuid-programs' to 'operating-system-setuid-programs'. (operating-system-default-essential-services) (hurd-default-essential-services): Adjust accordingly. (ensure-setuid-program-list): New macro. (%ensure-setuid-program-list): New procedure, based on 'setuid-program-file-like-deprecated'.
Diffstat (limited to 'gnu/services.scm')
-rw-r--r-- | gnu/services.scm | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/gnu/services.scm b/gnu/services.scm index 2a8114a219..1655218f2d 100644 --- a/gnu/services.scm +++ b/gnu/services.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016 Chris Marusich <cmmarusich@gmail.com> ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org> ;;; Copyright © 2020, 2021 Ricardo Wurmus <rekado@elephly.net> @@ -828,16 +828,6 @@ FILES must be a list of name/file-like object pairs." (activate-setuid-programs (list #$@programs)))))) -(define (setuid-program-file-like-deprecated file-like) - (match file-like - ((? file-like? program) - (warning - (G_ "representing setuid programs with '~a' is \ -deprecated; use 'setuid-program' instead~%") program) - (setuid-program (program program))) - ((? setuid-program? program) - program))) - (define setuid-program-service-type (service-type (name 'setuid-program) (extensions @@ -845,8 +835,7 @@ deprecated; use 'setuid-program' instead~%") program) setuid-program->activation-gexp))) (compose concatenate) (extend (lambda (config extensions) - (map setuid-program-file-like-deprecated - (append config extensions)))) + (append config extensions))) (description "Populate @file{/run/setuid-programs} with the specified executables, making them setuid-root."))) |