diff options
| author | Jan (janneke) Nieuwenhuizen <janneke@gnu.org> | 2020-10-09 22:55:46 +0200 |
|---|---|---|
| committer | Jan (janneke) Nieuwenhuizen <janneke@gnu.org> | 2020-10-09 23:25:33 +0200 |
| commit | 16f8ea064cde3ee4ef36212cdbdef90e98ba6914 (patch) | |
| tree | d74d28d0f2bf8325bc7ef70851f66e92915c0f2c /gnu/system/hurd.scm | |
| parent | f08587682a631d3fe30159af838c6766dd65205b (diff) | |
| download | guix-16f8ea064cde3ee4ef36212cdbdef90e98ba6914.tar.gz | |
system: hurd: Add PAM support with shadow and sudo.
* gnu/system.scm (hurd-default-essential-services): Add setuid-program-service-type. * gnu/system/hurd.scm (%base-packages/hurd): Add shadow, sudo. (%setuid-programs/hurd): New variable. (%hurd-default-operating-system)[setuid-program]: Use it. [pam-services, sudoers-file]: Remove overrides; enabling regular defaults. * gnu/system/examples/bare-hurd.tmpl (%hurd-os)[users]: New field. [services]: Do not disable PAM in SSH.
Diffstat (limited to 'gnu/system/hurd.scm')
| -rw-r--r-- | gnu/system/hurd.scm | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/gnu/system/hurd.scm b/gnu/system/hurd.scm index 80fffe8e45..767a624493 100644 --- a/gnu/system/hurd.scm +++ b/gnu/system/hurd.scm @@ -42,7 +42,8 @@ #:export (%base-packages/hurd %base-services/hurd %hurd-default-operating-system - %hurd-default-operating-system-kernel)) + %hurd-default-operating-system-kernel + %setuid-programs/hurd)) ;;; Commentary: ;;; @@ -62,7 +63,7 @@ (define %base-packages/hurd (list hurd bash coreutils file findutils grep sed guile-3.0 guile-colorized guile-readline - net-base inetutils less shepherd which)) + net-base inetutils less shadow shepherd sudo which)) (define %base-services/hurd (list (service hurd-console-service-type @@ -86,6 +87,17 @@ `(("/bin/sh" ,(file-append bash "/bin/sh")) ("/usr/bin/env" ,(file-append coreutils "/bin/env")))))) +(define %setuid-programs/hurd + ;; Default set of setuid-root programs. + (list (file-append shadow "/bin/passwd") + (file-append shadow "/bin/sg") + (file-append shadow "/bin/su") + (file-append shadow "/bin/newgrp") + (file-append shadow "/bin/newuidmap") + (file-append shadow "/bin/newgidmap") + (file-append sudo "/bin/sudo") + (file-append sudo "/bin/sudoedit"))) + (define %hurd-default-operating-system (operating-system (kernel %hurd-default-operating-system-kernel) @@ -103,6 +115,4 @@ (timezone "GNUrope") (name-service-switch #f) (essential-services (hurd-default-essential-services this-operating-system)) - (pam-services '()) - (setuid-programs '()) - (sudoers-file #f))) + (setuid-programs %setuid-programs/hurd))) |