From 0dd8e4c35109ed8bc2406a0bc13e18823a334937 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 1 Sep 2024 02:00:00 +0200 Subject: privilege: Add file-like->setuid-program helper. * gnu/system/privilege.scm (file-like->setuid-program): New public procedure. * gnu/system/setuid.scm: Re-export it for compatibility. (file-like->setuid-program): Remove this old version. * gnu/services/docker.scm (singularity-setuid-programs): Use it (again). * gnu/services/desktop.scm (enlightenment-privileged-programs): Likewise. Change-Id: I8e41144438677a15cdadb3063651dbc780715497 --- gnu/services/desktop.scm | 3 +-- gnu/services/docker.scm | 3 +-- gnu/system/privilege.scm | 10 +++++++++- gnu/system/setuid.scm | 8 ++------ 4 files changed, 13 insertions(+), 11 deletions(-) (limited to 'gnu') diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 8afb54ae48..041a1aab0f 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -1736,8 +1736,7 @@ (define (enlightenment-privileged-programs enlightenment-desktop-configuration) (match-record enlightenment-desktop-configuration (enlightenment) - (map (lambda (program) (privileged-program (program program) - (setuid? #t))) + (map file-like->setuid-program (list (file-append enlightenment "/lib/enlightenment/utils/enlightenment_sys") (file-append enlightenment diff --git a/gnu/services/docker.scm b/gnu/services/docker.scm index f0ac69a87e..3af0f79270 100644 --- a/gnu/services/docker.scm +++ b/gnu/services/docker.scm @@ -286,8 +286,7 @@ (define helpers "-helper"))) '("action" "mount" "start"))))) - (map (lambda (program) (privileged-program (program program) - (setuid? #t))) + (map file-like->setuid-program (list (file-append helpers "/singularity-action-helper") (file-append helpers "/singularity-mount-helper") (file-append helpers "/singularity-start-helper")))) diff --git a/gnu/system/privilege.scm b/gnu/system/privilege.scm index d89d5d5d1c..fe6e60ad7c 100644 --- a/gnu/system/privilege.scm +++ b/gnu/system/privilege.scm @@ -26,7 +26,9 @@ (define-module (gnu system privilege) privileged-program-setgid? privileged-program-user privileged-program-group - privileged-program-capabilities)) + privileged-program-capabilities + + file-like->setuid-program)) ;;; Commentary: ;;; @@ -56,3 +58,9 @@ (define-record-type* ;; POSIX capabilities in cap_from_text(3) form (defaults to #f: none). (capabilities privileged-program-capabilities ;string or #f (default #f))) + +(define (file-like->setuid-program program) + "Simple wrapper to facilitate MAPping over a list of file-like objects and +make them setuid, a pattern just common enough to justify a special helper." + (privileged-program (program program) + (setuid? #t))) diff --git a/gnu/system/setuid.scm b/gnu/system/setuid.scm index 4dd0cc8962..097797ce8d 100644 --- a/gnu/system/setuid.scm +++ b/gnu/system/setuid.scm @@ -21,15 +21,14 @@ (define-module (gnu system setuid) #:use-module (gnu system privilege) #:use-module (ice-9 match) #:use-module (srfi srfi-1) + #:re-export (file-like->setuid-program) #:export (setuid-program setuid-program? setuid-program-program setuid-program-setuid? setuid-program-setgid? setuid-program-user - setuid-program-group - - file-like->setuid-program)) + setuid-program-group)) ;;; Commentary: ;;; @@ -56,6 +55,3 @@ (define setuid-program-setuid? privileged-program-setuid?) (define setuid-program-setgid? privileged-program-setgid?) (define setuid-program-user privileged-program-user) (define setuid-program-group privileged-program-group) - -(define (file-like->setuid-program program) - (setuid-program (program program))) -- cgit v1.2.3