Hi! We have quite a few *.packages variables in NixOS: udev.packages, hal.packages, dbus.packages etc.
I see only one reason for separating these packages from system.packages: programs/config files/... supplied by these packages are likely to be executed/readed by a daemon running under root priveledges. I propose to merge these variables into one variable (say, security.packages). If nobody objects, I'll start working on this. Also I'd like to change the way /var/setuid-wrappers list is generated. I propose the following way: packages in nixpkgs advertise that they need given binary to be wrapped as setuid. For each package in security.packages, we create all wrappers requested by these packages. This will solve the problem of setuid-wrappers that point to a non-existent binary in "default" profile. -- Yury G. Kudryashov, mailto: [email protected] _______________________________________________ nix-dev mailing list [email protected] https://mail.cs.uu.nl/mailman/listinfo/nix-dev
