From 671e6a81804f264ddcdd6fe7579644404da079b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Fri, 31 Dec 2021 17:45:12 +0100
Subject: system: Allow 'chfn' to change the user's full name.

Fixes <https://issues.guix.gnu.org/52539>.
Reported by Jacob First <jacob.first@member.fsf.org>.

* gnu/build/accounts.scm (allocate-passwd): Add comment as to why
'real-name' is taken from PREVIOUS.  Add (not system?) to the
condition.
* gnu/system.scm (operating-system-etc-service) <login.defs>: Add
"CHFN_RESTRICT".
* gnu/system.scm (%setuid-programs): Add "chfn".
* gnu/system/pam.scm (base-pam-services): Add "chfn".
* doc/guix.texi (User Accounts): Document it.
---
 gnu/build/accounts.scm | 8 ++++++--
 gnu/system.scm         | 8 +++++++-
 gnu/system/pam.scm     | 4 ++--
 3 files changed, 15 insertions(+), 5 deletions(-)

(limited to 'gnu')

diff --git a/gnu/build/accounts.scm b/gnu/build/accounts.scm
index f60d68d9b3..1247fc640c 100644
--- a/gnu/build/accounts.scm
+++ b/gnu/build/accounts.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2019, 2021 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -490,7 +490,11 @@ new UIDs."
                                (uid id)
                                (directory directory)
                                (gid (if (number? group) group (group-id group)))
-                               (real-name (if previous
+
+                               ;; Users might change their name to something
+                               ;; other than what the sysadmin chose, with
+                               ;; 'chfn'.  Thus consider it "stateful".
+                               (real-name (if (and previous (not system?))
                                               (password-entry-real-name previous)
                                               real-name))
 
diff --git a/gnu/system.scm b/gnu/system.scm
index 088c62ddde..cc925de16f 100644
--- a/gnu/system.scm
+++ b/gnu/system.scm
@@ -913,7 +913,12 @@ the /etc directory."
                         "/run/current-system/profile/sbin\n"
                         "ENV_SUPATH  /run/setuid-programs:"
                         "/run/current-system/profile/bin:"
-                        "/run/current-system/profile/sbin\n")))
+                        "/run/current-system/profile/sbin\n"
+
+                        "\n"
+                        "# Allow 'chfn' to change the full name,\n"
+                        "# room number, and so on.\n"
+                        "CHFN_RESTRICT   frwh\n")))
 
          (hurd       (operating-system-hurd os))
          (issue      (plain-file "issue" (operating-system-issue os)))
@@ -1158,6 +1163,7 @@ deprecated; use 'setuid-program' instead~%"))
   (let ((shadow (@ (gnu packages admin) shadow)))
     (map file-like->setuid-program
          (list (file-append shadow "/bin/passwd")
+               (file-append shadow "/bin/chfn")
                (file-append shadow "/bin/sg")
                (file-append shadow "/bin/su")
                (file-append shadow "/bin/newgrp")
diff --git a/gnu/system/pam.scm b/gnu/system/pam.scm
index a31daada59..2574e019f1 100644
--- a/gnu/system/pam.scm
+++ b/gnu/system/pam.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013-2017, 2019-2021 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -285,7 +285,7 @@ authenticate to run COMMAND."
           ;; These programs are setuid-root.
           (map (cut unix-pam-service <>
                     #:allow-empty-passwords? allow-empty-passwords?)
-               '("passwd" "sudo"))
+               '("passwd" "chfn" "sudo"))
           ;; This is setuid-root, as well.  Allow root to run "su" without
           ;; authenticating.
           (list (unix-pam-service "su"
-- 
cgit v1.2.3