civodul pushed a commit to branch master
in repository guix.
commit ce40b1c655edab622b4ad9ff49f948bd65753662
Author: Ludovic Courtès <[email protected]>
AuthorDate: Mon Aug 19 16:41:07 2024 +0200
install: Set ‘privileged-programs’ rather than ‘setuid-programs’.
* gnu/system/install.scm (installation-os)[setuid-programs]: Remove.
[privileged-programs]: New field.
Change-Id: I5c93f282f5ec790f13ac076e0ab0f6d59d92d59d
---
gnu/system/install.scm | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/gnu/system/install.scm b/gnu/system/install.scm
index 0195a0804d..78a3cdaaec 100644
--- a/gnu/system/install.scm
+++ b/gnu/system/install.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014-2022 Ludovic Courtès <[email protected]>
+;;; Copyright © 2014-2022, 2024 Ludovic Courtès <[email protected]>
;;; Copyright © 2015 Mark H Weaver <[email protected]>
;;; Copyright © 2016 Andreas Enge <[email protected]>
;;; Copyright © 2017 Marius Bakke <[email protected]>
@@ -27,7 +27,7 @@
(define-module (gnu system install)
#:use-module (gnu)
#:use-module (gnu system)
- #:use-module (gnu system setuid)
+ #:use-module (gnu system privilege)
#:use-module (gnu bootloader u-boot)
#:use-module (guix gexp)
#:use-module (guix store)
@@ -540,8 +540,9 @@ Access documentation at any time by pressing Alt-F2.\x1b[0m
;; We don't need setuid programs, except for 'passwd', which can be handy
;; if one is to allow remote SSH login to the machine being installed.
- (setuid-programs (list (setuid-program
- (program (file-append shadow "/bin/passwd")))))
+ (privileged-programs (list (privileged-program
+ (program (file-append shadow "/bin/passwd"))
+ (setuid? #t))))
(pam-services
;; Explicitly allow for empty passwords.
