aboutsummaryrefslogtreecommitdiff
path: root/gnu/system
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2024-08-19 16:41:07 +0200
committerLudovic Courtès <ludo@gnu.org>2024-08-19 16:41:07 +0200
commitce40b1c655edab622b4ad9ff49f948bd65753662 (patch)
treecf4cb8763d77bdacd6327438517ea7eaeec6dd9e /gnu/system
parentb51990057c177bfe12aa9bd2c4b3d5d39492cd9d (diff)
downloadguix-ce40b1c655edab622b4ad9ff49f948bd65753662.tar
guix-ce40b1c655edab622b4ad9ff49f948bd65753662.tar.gz
install: Set ‘privileged-programs’ rather than ‘setuid-programs’.
* gnu/system/install.scm (installation-os)[setuid-programs]: Remove. [privileged-programs]: New field. Change-Id: I5c93f282f5ec790f13ac076e0ab0f6d59d92d59d
Diffstat (limited to 'gnu/system')
-rw-r--r--gnu/system/install.scm9
1 files changed, 5 insertions, 4 deletions
diff --git a/gnu/system/install.scm b/gnu/system/install.scm
index 0195a0804d..78a3cdaaec 100644
--- a/gnu/system/install.scm
+++ b/gnu/system/install.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014-2022 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014-2022, 2024 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2016 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
@@ -27,7 +27,7 @@
(define-module (gnu system install)
#:use-module (gnu)
#:use-module (gnu system)
- #:use-module (gnu system setuid)
+ #:use-module (gnu system privilege)
#:use-module (gnu bootloader u-boot)
#:use-module (guix gexp)
#:use-module (guix store)
@@ -540,8 +540,9 @@ Access documentation at any time by pressing Alt-F2.\x1b[0m
;; We don't need setuid programs, except for 'passwd', which can be handy
;; if one is to allow remote SSH login to the machine being installed.
- (setuid-programs (list (setuid-program
- (program (file-append shadow "/bin/passwd")))))
+ (privileged-programs (list (privileged-program
+ (program (file-append shadow "/bin/passwd"))
+ (setuid? #t))))
(pam-services
;; Explicitly allow for empty passwords.