Support for setuid binaries

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Support for setuid binaries

From:	Ludovic Courtès
Subject:	Support for setuid binaries
Date:	Wed, 30 Apr 2014 23:20:33 +0200
User-agent:	Gnus/5.130009 (Ma Gnus v0.9) Emacs/24.3 (gnu/linux)

Hello,

Commit 09e028f adds support for setuid binaries.  Since the store cannot
contain setuid binaries, we use the same technique as NixOS: setuid
binaries are created when booting (or when switching configurations.)

That is, for each setuid program, a hard link or a copy of the
executable is created under /run/setuid-programs and make setuid-root.

You can test it by running:

  ./pre-inst-env guix system vm build-aux/hydra/demo-os.scm

and running for instance ‘ping’ as guest from there.

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

Support for setuid binaries, Ludovic Courtès <=
- Re: Support for setuid binaries, David Thompson, 2014/04/30

Prev by Date: [PATCH] gnu: Add libpetsc
Next by Date: Re: [PATCH] gnu: Add libpetsc
Previous by thread: [PATCH] gnu: Add libpetsc
Next by thread: Re: Support for setuid binaries
Index(es):
- Date
- Thread