Hi everyone, On Tue, Apr 25, 2023 at 10:04 AM Saku Laesvuori <[email protected]> wrote: > > Maybe you could remove the packages with setuid-programs from your home > configuration, but really this seems like a bug in guix home to me.
Maybe so, but it did not help that we ship an 'su' implementation that, according to the Heindal maintainers, has been obsolete for five years. Their releases are based on a stable branch which means they rely on distributions to drop the executables. (Debian renames them [1] but they are useless without setuid root and may not meet the PAM policy of the local administrator.) Here is a patch that removes the obsolete executables from Guix. [2] Perhaps someone with newly granted committer rights would like to have a look at it. Congratulations, also! I switched to building Heimdal from Git since I was not sure if or when [3] our gnu-build-system runs autogen.sh or any invocation of autoreconf when a ./configure script is already present (in the tarball). Kind regards Felix [1] https://sources.debian.org/src/heimdal/7.8.git20221117.28daf24%2Bdfsg-2/debian/rules/#L116 [2] https://issues.guix.gnu.org/63545 [3] https://github.com/guix-mirror/guix/blob/c8e599b9391f789a8a3e2183fc8f0c2a5061ceb0/gnu/packages/networking.scm#L3250-L3255
