From 5e738ac224c7aea948773e89235dc1418bff448e Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 24 Feb 2015 23:54:29 -0500 Subject: system: Clean /tmp and /var/run during early boot. * gnu/system.scm (operating-system-boot-script): Clean out /tmp and /var/run before activating the system. --- gnu/system.scm | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'gnu/system.scm') diff --git a/gnu/system.scm b/gnu/system.scm index ece61adb2b..a91c7136da 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès +;;; Copyright © 2015 Mark H Weaver ;;; ;;; This file is part of GNU Guix. ;;; @@ -695,6 +696,20 @@ we're running in the final root." (dmd-conf (dmd-configuration-file services))) (gexp->file "boot" #~(begin + (use-modules (guix build utils)) + + ;; Clean out /tmp and /var/run. + ;; + ;; XXX This needs to happen before service activations, so + ;; it has to be here, but this also implicitly assumes + ;; that /tmp and /var/run are on the root partition. + (false-if-exception (delete-file-recursively "/tmp")) + (false-if-exception (delete-file-recursively "/var/run")) + (false-if-exception (mkdir "/tmp")) + (false-if-exception (chmod "/tmp" #o1777)) + (false-if-exception (mkdir "/var/run")) + (false-if-exception (chmod "/var/run" #o755)) + ;; Activate the system. ;; TODO: Use 'load-compiled'. (primitive-load #$activate) -- cgit 1.4.1 From b158f1d751b17acc1700fce9777d2b85ffa8e914 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 12 Apr 2015 15:33:42 +0200 Subject: system: Allow users to PTRACE_ATTACH to their own processes. * gnu/build/activation.scm (activate-ptrace-attach): New procedure. * gnu/system.scm (operating-system-activation-script): Use it. --- gnu/build/activation.scm | 13 +++++++++++++ gnu/system.scm | 3 +++ 2 files changed, 16 insertions(+) (limited to 'gnu/system.scm') diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm index 64c3410baf..0c60355a1c 100644 --- a/gnu/build/activation.scm +++ b/gnu/build/activation.scm @@ -30,6 +30,7 @@ activate-/bin/sh activate-modprobe activate-firmware + activate-ptrace-attach activate-current-system)) ;;; Commentary: @@ -335,6 +336,18 @@ by itself, without having to resort to a \"user helper\"." (lambda (port) (display directory port)))) +(define (activate-ptrace-attach) + "Allow users to PTRACE_ATTACH their own processes. + +This works around a regression introduced in the default \"security\" policy +found in Linux 3.4 onward that prevents users from attaching to their own +processes--see Yama.txt in the Linux source tree for the rationale. This +sounds like an unacceptable restriction for little or no security +improvement." + (call-with-output-file "/proc/sys/kernel/yama/ptrace_scope" + (lambda (port) + (display 0 port)))) + (define %current-system ;; The system that is current (a symlink.) This is not necessarily the same diff --git a/gnu/system.scm b/gnu/system.scm index a91c7136da..6cf12df604 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -681,6 +681,9 @@ etc." (activate-firmware (string-append #$firmware "/lib/firmware")) + ;; Let users debug their own processes! + (activate-ptrace-attach) + ;; Run the services' activation snippets. ;; TODO: Use 'load-compiled'. (for-each primitive-load '#$actions) -- cgit 1.4.1