bug#38438: Fcgiwrap service has no supplementary groups

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#38438: Fcgiwrap service has no supplementary groups

From:	pelzflorian (Florian Pelz)
Subject:	bug#38438: Fcgiwrap service has no supplementary groups
Date:	Wed, 4 Dec 2019 11:22:12 +0100

I had hoped the attached quick hack would fix my issue when testing
with the attached vm-image config from
<https://lists.gnu.org/archive/html/guix-devel/2019-11/msg00421.html>.
That is, I wanted it to suffice to set Gitolite’s umask to #o0027 as
described in the manual instead of #o0022, after I do `usermod -aG git
fcgiwrap`.  But instead I get “Operation not permitted” error from
setgroups.  I will try again later with the position of setuid and
setgroups call swapped.

The hack makes make-forkexec-constructor use the supplementary groups
from the user.  Systemd uses them by default.  However they should be
made more configurable.

Regards,
Florian

quick-hack.patch
Description: Text document

test-vm-config.scm
Description: Lotus Screencam

[Prev in Thread]

Current Thread

[Next in Thread]

bug#38438: Fcgiwrap service has no supplementary groups, pelzflorian (Florian Pelz) <=
- bug#38438: Fcgiwrap service has no supplementary groups, pelzflorian (Florian Pelz), 2019/12/04

Prev by Date: bug#38309: Recent $EMACSLOADPATH changes crash gnome-session
Next by Date: bug#38309: Recent $EMACSLOADPATH changes crash gnome-session
Previous by thread: bug#37882: [PATCH] build-system/linux-module: Accept a #:make-flags keyword.
Next by thread: bug#38438: Fcgiwrap service has no supplementary groups
Index(es):
- Date
- Thread