aboutsummaryrefslogtreecommitdiff
path: root/gnu/system/pam.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2021-12-31 17:45:12 +0100
committerLudovic Courtès <ludo@gnu.org>2022-01-01 15:10:12 +0100
commit671e6a81804f264ddcdd6fe7579644404da079b8 (patch)
tree883a743fd1f9a261562fda1b5d5ae626feef25a8 /gnu/system/pam.scm
parent806a4e986d95a31cf09588cf10d1b9dae28a3d5e (diff)
downloadguix-671e6a81804f264ddcdd6fe7579644404da079b8.tar
guix-671e6a81804f264ddcdd6fe7579644404da079b8.tar.gz
system: Allow 'chfn' to change the user's full name.
Fixes <https://issues.guix.gnu.org/52539>. Reported by Jacob First <jacob.first@member.fsf.org>. * gnu/build/accounts.scm (allocate-passwd): Add comment as to why 'real-name' is taken from PREVIOUS. Add (not system?) to the condition. * gnu/system.scm (operating-system-etc-service) <login.defs>: Add "CHFN_RESTRICT". * gnu/system.scm (%setuid-programs): Add "chfn". * gnu/system/pam.scm (base-pam-services): Add "chfn". * doc/guix.texi (User Accounts): Document it.
Diffstat (limited to 'gnu/system/pam.scm')
-rw-r--r--gnu/system/pam.scm4
1 files changed, 2 insertions, 2 deletions
diff --git a/gnu/system/pam.scm b/gnu/system/pam.scm
index a31daada59..2574e019f1 100644
--- a/gnu/system/pam.scm
+++ b/gnu/system/pam.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013-2017, 2019-2021 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -285,7 +285,7 @@ authenticate to run COMMAND."
;; These programs are setuid-root.
(map (cut unix-pam-service <>
#:allow-empty-passwords? allow-empty-passwords?)
- '("passwd" "sudo"))
+ '("passwd" "chfn" "sudo"))
;; This is setuid-root, as well. Allow root to run "su" without
;; authenticating.
(list (unix-pam-service "su"