GNU bug report logs - #41763
services: opensmtpd: Fix the setgid problem for the smtpctl utility.

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: guix-patches; Reported by: maxim.cournoyer@HIDDEN; dated Mon, 8 Jun 2020 17:47:01 UTC; Maintainer for guix-patches is guix-patches@HIDDEN.
Added indication that bug 41763 blocks41874 Request was from Brice Waegeneire <brice@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at 41763 <at> debbugs.gnu.org:


Received: (at 41763) by debbugs.gnu.org; 15 Jun 2020 15:12:56 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jun 15 11:12:56 2020
Received: from localhost ([127.0.0.1]:47175 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1jkqn9-0007Nq-TZ
	for submit <at> debbugs.gnu.org; Mon, 15 Jun 2020 11:12:56 -0400
Received: from relay2-d.mail.gandi.net ([217.70.183.194]:65471)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <brice@HIDDEN>) id 1jkqn8-0007Nc-63
 for 41763 <at> debbugs.gnu.org; Mon, 15 Jun 2020 11:12:55 -0400
X-Originating-IP: 78.237.113.178
Received: from localhost (luy13-1-78-237-113-178.fbx.proxad.net
 [78.237.113.178]) (Authenticated sender: brice@HIDDEN)
 by relay2-d.mail.gandi.net (Postfix) with ESMTPSA id E9EA140008;
 Mon, 15 Jun 2020 15:12:46 +0000 (UTC)
From: Brice Waegeneire <brice@HIDDEN>
To: maxim.cournoyer@HIDDEN
Subject: Re: [bug#41763] services: opensmtpd: Fix the setgid problem for the
 smtpctl utility.
In-Reply-To: <87eeqpih6q.fsf@HIDDEN>
 (maxim cournoyer's message of "Mon, 08 Jun 2020 13:46:37 -0400")
References: <87eeqpih6q.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.91 (gnu/linux)
Date: Mon, 15 Jun 2020 17:12:40 +0200
Message-ID: <87d060747r.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 41763
Cc: Christopher Baines <mail@HIDDEN>, 41763 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)


Hello Maxim,

Thank you for the patchset!

maxim.cournoyer@HIDDEN writes:

> The following patches provide a mean to specify a user and group for a
> setuid program, and uses that to fix a setgid permission issue in the
> context of the opensmtpd service.

I applied it to try to use wireshark as non-root[0]:

--8<---------------cut here---------------start------------->8---
(simple-service 'wireshark-group account-service-type
                   (list (user-group (name "wireshark") (system? #t))))
(simple-service 'wireshark-dumpcap setuid-program-service-type
                   (list (list (file-append wireshark "/bin/dumpcap")
                               "root" "wireshark")))
--8<---------------cut here---------------end--------------->8---

And unfortunately the first run of =E2=80=9Cguix reconfigure=E2=80=9C faile=
d to make
=E2=80=9Cdumpcap=E2=80=9C as a setuid, but subsequent run succeeded:

--8<---------------cut here---------------start------------->8---
[=E2=80=A6]
setting up setuid programs in '/run/setuid-programs'...
warning: failed to make '/gnu/store/vdlk9rli5k5svy8p7bhf90ln03ybnxgj-wiresh=
ark-3.2.4/bin/dumpcap' setuid (root:wireshark): Success
populating /etc from /gnu/store/hxjyvg80zjaxfynjyk3jgqsn9249azmx-etc...
[=E2=80=A6]
--8<---------------cut here---------------end--------------->8---

I guess it's because at first there wasn't a wireshark group on my
system, adding the group and the setuid program was done in the same
run, but =E2=80=9Csetting up setuid programs=E2=80=9D is done before =E2=80=
=9Cpopulating /etc=E2=80=9D
(comprising /etc/passwd) which in effect ended up trying to setuid
=E2=80=9Cdumpcap=E2=80=9C before the =E2=80=9Cwireshark=E2=80=9C group exis=
ts. And subsequent runs
succeeded creating a setuid =E2=80=9Cdumpcap=E2=80=9D because the new group=
 was already
on the system, it was created during the first run.

Populating /etc before setting up /run/setuid-programs should fix that
issue but maybe there is reason behind the current order of execution.

> Christopher, you should be able to leverage this new facility to
> configure the uid/gid of the sendmail program to that of the smtpq user,
> like this:
>
> (operating-system)
>   [...]
>   (setuid-programs (cons (list (file-append sendmail "/usr/sbin/sendmail"=
) "smtpq")
>                            %setuid-programs))
>

Aside from that I wonder if specifying user and group in a list is
future proof, maybe using a record would be more Guixy. In particular I
would like to be able to set capabilities (as with =E2=80=9Csetcap=E2=80=9C=
) on binaries
since the store don't support it[1]; if that's even possible but it's an
other issue.

[0]: https://wiki.wireshark.org/CaptureSetup/CapturePrivileges#Most_UNIXes
[1]: https://lists.gnu.org/archive/html/help-guix/2016-11/msg00046.html

- Brice




Information forwarded to guix-patches@HIDDEN:
bug#41763; Package guix-patches. Full text available.

Message received at 41763 <at> debbugs.gnu.org:


Received: (at 41763) by debbugs.gnu.org; 11 Jun 2020 19:20:16 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Jun 11 15:20:16 2020
Received: from localhost ([127.0.0.1]:38087 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1jjSkJ-0005Rn-Pv
	for submit <at> debbugs.gnu.org; Thu, 11 Jun 2020 15:20:15 -0400
Received: from mira.cbaines.net ([212.71.252.8]:59992)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mail@HIDDEN>) id 1jjSkH-0005Re-FK
 for 41763 <at> debbugs.gnu.org; Thu, 11 Jun 2020 15:20:14 -0400
Received: from localhost (unknown [46.237.175.96])
 by mira.cbaines.net (Postfix) with ESMTPSA id 1FBCF27BBE1;
 Thu, 11 Jun 2020 20:20:12 +0100 (BST)
Received: from localhost (localhost [local])
 by localhost (OpenSMTPD) with ESMTPA id a7c50112;
 Thu, 11 Jun 2020 19:20:08 +0000 (UTC)
References: <87eeqpih6q.fsf@HIDDEN>
User-agent: mu4e 1.2.0; emacs 26.3
From: Christopher Baines <mail@HIDDEN>
To: maxim.cournoyer@HIDDEN
Subject: Re: services: opensmtpd: Fix the setgid problem for the smtpctl
 utility.
In-reply-to: <87eeqpih6q.fsf@HIDDEN>
Date: Thu, 11 Jun 2020 20:20:06 +0100
Message-ID: <87v9jx8l5l.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 41763
Cc: 41763 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

--=-=-=
Content-Type: text/plain


maxim.cournoyer@HIDDEN writes:

> The following patches provide a mean to specify a user and group for a
> setuid program, and uses that to fix a setgid permission issue in the
> context of the opensmtpd service.
>
> Christopher, you should be able to leverage this new facility to
> configure the uid/gid of the sendmail program to that of the smtpq user,
> like this:
>
> --8<---------------cut here---------------start------------->8---
> (operating-system)
>   [...]
>   (setuid-programs (cons (list (file-append sendmail "/usr/sbin/sendmail") "smtpq")
>                            %setuid-programs))
> --8<---------------cut here---------------end--------------->8---
>
> The smtpq user is created as part of the OpenSMTPD service definition.
>
> Thank you,
>
>
> Maxim

Well, thank you for looking in to this Maxim. I've had a brief look
through the patches, although I don't know enough about this area to
comment properly on them.

I wonder if it's worth using a record type to make it possible to pass
the user and group values to the service. That would probably result in
more readable configuration than just using a list of varying length.

Specifically on the diff:

- (list #$@programs))))))
+ (quote (#$@programs)))))))

This change here will mean that you can't pass some values in, as they
won't be evaluated. #~(string-append sendmail "/usr/sbin/sendmail")
would no longer work for example.

Thanks again,

Chris

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEPonu50WOcg2XVOCyXiijOwuE9XcFAl7ig+ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcACgkQXiijOwuE
9XfQ5w//TdCjyIV7Il7qPxVxVkms4DPVxiCBM7owp8+Pd7alvSs1RucW/ItAJFGJ
cqiOpK52A9TOQ6Nn5RgWvKR9F4LVQ/kg8kLEWsTtjAetoQU5fv5MnraN8q7Jkeej
PZtFj1h5HoBbVVxPSNcMVsX/l2WwrLZ0GzdNDYTH5PPovlMFSL1Vr1CEe8mvDAnL
LJ8znjXz149b9DS+aqWx+SOFyR3e+6cNdyfVIe0tFlum+QjIUXt+9iCr1RVc2WJB
QKPPCabnzyVuSz8p7pQHoUlxgO+9hDmoZKPVeZQ4NuzBLqZ4Jqzyc+2ydg8nKcBJ
58GcTmZUrd/QmSpzZpJWw6ljhhY0iapGeVKI+x+sHrXIepVLw3Vh50exOCvSYMit
HBJ7C4qRFmQZ/I+9CuyHHdCJGWftre0s0nQf8jaEkRoFeuI2uOqQKP3O2TsQKlRN
j1wZy8zRxT1XIITtyl8r7s3/LANUCj6PSXvOrKAeWuBT8CuHxXjekywuIHw1fU2X
Xp8SVuC8hVsoFisR6N+zJrg7EkPolyQsjw5a3TIxW1/aVuMXvro8ptVsika6bExJ
j/vGYHT7jtmdQoKNNTPfkPYyvPnSAFjUx/V273uaH1Z802Bm398qqwVEwr8V9Qf4
9JOCiJ48svqO5zrrjJuoajLjo7/v/X1bdUNL8C0qg5B8YweeEY8=
=5aP7
-----END PGP SIGNATURE-----
--=-=-=--




Information forwarded to guix-patches@HIDDEN:
bug#41763; Package guix-patches. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 8 Jun 2020 17:46:51 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Jun 08 13:46:51 2020
Received: from localhost ([127.0.0.1]:57847 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1jiLrG-0000UI-QL
	for submit <at> debbugs.gnu.org; Mon, 08 Jun 2020 13:46:51 -0400
Received: from lists.gnu.org ([209.51.188.17]:49030)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@HIDDEN>) id 1jiLrE-0000UA-Ok
 for submit <at> debbugs.gnu.org; Mon, 08 Jun 2020 13:46:49 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:52868)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1jiLrD-0000EI-Sa
 for guix-patches@HIDDEN; Mon, 08 Jun 2020 13:46:48 -0400
Received: from mail-qk1-x734.google.com ([2607:f8b0:4864:20::734]:34520)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <maxim.cournoyer@HIDDEN>)
 id 1jiLrB-0001uT-W3
 for guix-patches@HIDDEN; Mon, 08 Jun 2020 13:46:47 -0400
Received: by mail-qk1-x734.google.com with SMTP id f18so18144662qkh.1
 for <guix-patches@HIDDEN>; Mon, 08 Jun 2020 10:46:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:date:message-id:mime-version;
 bh=YXsJhIXSYJ+Rdp1JYxGf+ixFNFRfw1N4VxDDYTiXwCk=;
 b=Ojpye49MZXW2a6DcDHi+7z14Hvrhr7dlrTCafFVh1uOuaKHnXAuA40ulJaEEgAEouE
 isfnN5+r3TQKl5pp5TC06oc+EFHrkrjFvD/N5BI1i7GNyVLXjfHeE1NELy3auFOrdiTe
 DNE3aG/UILoNMlLKIEzC9iVCNXlEG8oyeDpXJ0NDk2VSDGx0keYFxEY9gyqWsj2/od4k
 /eZH7B40TK6IAqBKROn3hOEQ+r5p4rgG479bXWho7Ar/lCiE9cr1te3VWuXhDcz7Vymu
 zyarPo5gIO7KLWBtoimtT2lz5mryY4bm0nUD9IajqBvFkUh6C+Wp+Vb2AGCQEPS3T0fj
 abVw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version;
 bh=YXsJhIXSYJ+Rdp1JYxGf+ixFNFRfw1N4VxDDYTiXwCk=;
 b=XoQGYpTZzxSsaMH1q7a0UYqVgFD4tkSbezUcke/Z8jOvVQPhNqo5UAgnH2etH/o8xU
 9DC3qp3ljZ75ptGcTcofb9W9QuQNSWbA1EH7B4Gy83B6eXgRi1pIAVyS0Uz6XHHGeWw0
 QkrHbIZWABkaA68RcGChbgszfvs1C8sKh+O1LW9AZd1GH5C3sKFGzSbEYn1ksiDk8TXH
 T+RT6FUWkdFRx/IXVvNmywRuZUFhhJ2zQKY7fitNX/KpefT+6saYqxHB0vO+THq7IS7Q
 Fl7ntcRZeudyU4L4+0RyTSXgHWdyVb2fiPZK/NQuHK4iGl18b8S7ephfmiZouwP+Egm6
 9AcQ==
X-Gm-Message-State: AOAM532P/vXh/ThwNovF9GJtkvRO9aX0iM/jwulHtB5iBit4suSK3mSM
 xhTa04z2fkBY7l4FpRr2jW3u6drLIT0=
X-Google-Smtp-Source: ABdhPJydwxHQHRTPZaqAuEJirGCBhW7dglmExIeCuMlFmwNZiy4aL/ZKkw2qWf9kzC53hnRYv+JKZg==
X-Received: by 2002:a05:620a:8cd:: with SMTP id
 z13mr22168575qkz.54.1591638404324; 
 Mon, 08 Jun 2020 10:46:44 -0700 (PDT)
Received: from hurd (dsl-152-235.b2b2c.ca. [66.158.152.235])
 by smtp.gmail.com with ESMTPSA id x36sm8037092qtd.97.2020.06.08.10.46.43
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 08 Jun 2020 10:46:43 -0700 (PDT)
From: maxim.cournoyer@HIDDEN
To: guix-patches <guix-patches@HIDDEN>
Subject: services: opensmtpd: Fix the setgid problem for the smtpctl utility.
Date: Mon, 08 Jun 2020 13:46:37 -0400
Message-ID: <87eeqpih6q.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
Received-SPF: pass client-ip=2607:f8b0:4864:20::734;
 envelope-from=maxim.cournoyer@HIDDEN; helo=mail-qk1-x734.google.com
X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache.
 That's all we know.
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001,
 URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN
X-Spam_action: no action
X-Spam-Score: 0.7 (/)
X-Debbugs-Envelope-To: submit
Cc: Christopher Baines <mail@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)

--==-=-=
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain

Hello!

The following patches provide a mean to specify a user and group for a
setuid program, and uses that to fix a setgid permission issue in the
context of the opensmtpd service.

Christopher, you should be able to leverage this new facility to
configure the uid/gid of the sendmail program to that of the smtpq user,
like this:

--8<---------------cut here---------------start------------->8---
(operating-system)
  [...]
  (setuid-programs (cons (list (file-append sendmail "/usr/sbin/sendmail") "smtpq")
                           %setuid-programs))
--8<---------------cut here---------------end--------------->8---

The smtpq user is created as part of the OpenSMTPD service definition.

Thank you,


--=-=-=
Content-Type: text/x-patch; charset=utf-8
Content-Disposition: attachment;
 filename=0001-services-Allow-configuring-the-ownership-of-setuid-p.patch
Content-Transfer-Encoding: quoted-printable

From=20e1b8840da16fb531f6607892ebf08f2d5472b962 Mon Sep 17 00:00:00 2001
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Date: Sun, 7 Jun 2020 23:01:49 -0400
Subject: [PATCH 1/3] services: Allow configuring the ownership of setuid
 programs.

Fixes <http://issues.guix.info/41485>.

* gnu/build/activation.scm (activate-setuid-programs): Update doc.  Allow a
program entry to be a list that may include a user and a group.
[make-setuid-program] New USER and GROUP keyword parameters.  Move the error
handling inside the MAKE-SETUID-PROGRAM helper procedure.
* gnu/services.scm (setuid-program-service-type): Update doc.
* doc/guix.texi (Setuid Programs): Update doc.
=2D--
 doc/guix.texi            | 17 +++++++++++---
 gnu/build/activation.scm | 48 +++++++++++++++++++++++++---------------
 gnu/services.scm         | 17 ++++++++++++--
 3 files changed, 59 insertions(+), 23 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 056bf011f6..83d7344bd8 100644
=2D-- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -26429,14 +26429,25 @@ should be setuid root.
=20
 The @code{setuid-programs} field of an @code{operating-system}
 declaration contains a list of G-expressions denoting the names of
=2Dprograms to be setuid-root (@pxref{Using the Configuration System}).
=2DFor instance, the @command{passwd} program, which is part of the Shadow
=2Dpackage, can be designated by this G-expression (@pxref{G-Expressions}):
+programs to be setuid (@pxref{Using the Configuration System}).  The
+user and group ownership of the setuid program default to @code{root},
+but can be specified by declaring them along the file name of the
+program.  For instance, the @command{passwd} program, which is part of
+the Shadow package, can be designated as a setuid-root porgram by this
+G-expression (@pxref{G-Expressions}):
=20
 @example
 #~(string-append #$shadow "/bin/passwd")
 @end example
=20
+As a second example, the @command{smtpctl} program, which is part of the
+OpenSMTPD package, requires to have its group set to @samp{smtpq}.
+This can be specified using:
+
+@example
+(list (file-append opensmtpd "/bin/smtpctl") "smtpq" "smtpq")
+@end example
+
 A default set of setuid programs is defined by the
 @code{%setuid-programs} variable of the @code{(gnu system)} module.
=20
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 30f5e87d5a..6be3664d44 100644
=2D-- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright =C2=A9 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovi=
c Court=C3=A8s <ludo@HIDDEN>
 ;;; Copyright =C2=A9 2015 Mark H Weaver <mhw@HIDDEN>
+;;; Copyright =C2=A9 2020 Maxim Cournoyer <maxim.cournoyer@HIDDEN>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -227,14 +228,28 @@ they already exist."
   "/run/setuid-programs")
=20
 (define (activate-setuid-programs programs)
=2D  "Turn PROGRAMS, a list of file names, into setuid programs stored under
=2D%SETUID-DIRECTORY."
=2D  (define (make-setuid-program prog)
+  "Turn PROGRAMS, a list of file names and/or of nested lists composed of a
+file name, a user and a group, into setuid programs stored under
+%SETUID-DIRECTORY.  The user and group default to \"root\" and affect the
+ownership of the associated file name."
+  (define* (make-setuid-program prog #:key (user "root") (group user))
     (let ((target (string-append %setuid-directory
                                  "/" (basename prog))))
=2D      (copy-file prog target)
=2D      (chown target 0 0)
=2D      (chmod target #o6555)))
+      (catch 'system-error
+        (lambda ()
+          (let ((uid (passwd:uid (getpwnam user)))
+                (gid (group:gid (getgrnam group))))
+            (copy-file prog target)
+            (chown target uid gid)
+            (chmod target #o6555)))
+        (lambda args
+          ;; If we fail to create a setuid program, better keep going
+          ;; so that we don't leave %SETUID-DIRECTORY empty or
+          ;; half-populated.  This can happen if PROGRAMS contains
+          ;; incorrect file names: <https://bugs.gnu.org/38800>.
+          (format (current-error-port)
+                  "warning: failed to make '~a' setuid (~a:~a): ~a~%"
+                  prog user group (strerror (system-error-errno args)))))))
=20
   (format #t "setting up setuid programs in '~a'...~%"
           %setuid-directory)
@@ -247,18 +262,15 @@ they already exist."
                          string<?))
       (mkdir-p %setuid-directory))
=20
=2D  (for-each (lambda (program)
=2D              (catch 'system-error
=2D                (lambda ()
=2D                  (make-setuid-program program))
=2D                (lambda args
=2D                  ;; If we fail to create a setuid program, better keep =
going
=2D                  ;; so that we don't leave %SETUID-DIRECTORY empty or
=2D                  ;; half-populated.  This can happen if PROGRAMS contai=
ns
=2D                  ;; incorrect file names: <https://bugs.gnu.org/38800>.
=2D                  (format (current-error-port)
=2D                          "warning: failed to make '~a' setuid-root: ~a~=
%"
=2D                          program (strerror (system-error-errno args))))=
))
+  (for-each (match-lambda
+              ((program user group)
+               (make-setuid-program program #:user user #:group group))
+              ((program user)
+               (make-setuid-program program #:user user))
+              ((program)
+               (make-setuid-program program))
+              (program
+               (make-setuid-program program)))
             programs))
=20
 (define (activate-special-files special-files)
diff --git a/gnu/services.scm b/gnu/services.scm
index 2e4648bf78..19a1c38ceb 100644
=2D-- a/gnu/services.scm
+++ b/gnu/services.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright =C2=A9 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Court=C3=
=A8s <ludo@HIDDEN>
 ;;; Copyright =C2=A9 2016 Chris Marusich <cmmarusich@HIDDEN>
+;;; Copyright =C2=A9 2020 Maxim Cournoyer <maxim.cournoyer@HIDDEN>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -681,12 +682,24 @@ FILES must be a list of name/file-like object pairs."
                  (list (service-extension activation-service-type
                                           (lambda (programs)
                                             #~(activate-setuid-programs
=2D                                               (list #$@programs))))))
+                                               (quote (#$@programs)))))))
                 (compose concatenate)
                 (extend append)
                 (description
                  "Populate @file{/run/setuid-programs} with the specified
=2Dexecutables, making them setuid-root.")))
+executables, making them setuid.  The PROGRAMS entries extending the
+setuid-program-service-type is a list of file-like objects.  Alternatively=
 to
+file-like objects, nested lists containing a file-like object, a user and a
+group can be used to control the ownership of the associated file.
+
+Example:
+
+(list (file-append shadow \"/bin/passwd\")
+      (list (file-append opensmtpd \"/bin/smtpctl\") \"root\" \"smtpq\"))
+
+The @command{passwd} program has both its user and group set to the
+default \"root\" while the @command{smtpctl} program has its user set to
+\"root\" and its group set to \"smtpq\".")))
=20
 (define (packages->profile-entry packages)
   "Return a system entry for the profile containing PACKAGES."
=2D-=20
2.26.2


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment;
 filename=0002-services-opensmtpd-Remove-unused-binding.patch
Content-Transfer-Encoding: quoted-printable

From=2001c1ab83bf6f5a8158a993de2fa0048f6d172a73 Mon Sep 17 00:00:00 2001
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Date: Sun, 7 Jun 2020 23:49:25 -0400
Subject: [PATCH 2/3] services: opensmtpd: Remove unused binding.

* gnu/services/mail.scm (opensmtpd-activation): Remove unused SMTPD variable
binding.
=2D--
 gnu/services/mail.scm | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm
index cfcaf4601b..7c49d99e9f 100644
=2D-- a/gnu/services/mail.scm
+++ b/gnu/services/mail.scm
@@ -1665,15 +1665,14 @@ match from local for any action outbound
 (define opensmtpd-activation
   (match-lambda
     (($ <opensmtpd-configuration> package config-file)
=2D     (let ((smtpd (file-append package "/sbin/smtpd")))
=2D       #~(begin
=2D           (use-modules (guix build utils))
=2D           ;; Create mbox and spool directories.
=2D           (mkdir-p "/var/mail")
=2D           (mkdir-p "/var/spool/smtpd")
=2D           (chmod "/var/spool/smtpd" #o711)
=2D           (mkdir-p "/var/spool/mail")
=2D           (chmod "/var/spool/mail" #o711))))))
+     #~(begin
+         (use-modules (guix build utils))
+         ;; Create mbox and spool directories.
+         (mkdir-p "/var/mail")
+         (mkdir-p "/var/spool/smtpd")
+         (chmod "/var/spool/smtpd" #o711)
+         (mkdir-p "/var/spool/mail")
+         (chmod "/var/spool/mail" #o711)))))
=20
 (define %opensmtpd-pam-services
   (list (unix-pam-service "smtpd")))
=2D-=20
2.26.2


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment;
 filename=0003-services-opensmtpd-Fix-the-setgid-problem-for-the-sm.patch
Content-Transfer-Encoding: quoted-printable

From=2052a1a031e6a7c0196cf17d0bd32061d02b453df8 Mon Sep 17 00:00:00 2001
From: Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Date: Sun, 7 Jun 2020 23:52:00 -0400
Subject: [PATCH 3/3] services: opensmtpd: Fix the setgid problem for the
 smtpctl utility.

The utility was complaining that it wasn't setgid to the group ID of the
"smtpq" group.

* gnu/services/mail.scm (opensmtpd-service-type): Extend the
setuid-program-service-type with the smtpctl program.
=2D--
 gnu/services/mail.scm | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm
index 7c49d99e9f..96efbd951d 100644
=2D-- a/gnu/services/mail.scm
+++ b/gnu/services/mail.scm
@@ -1662,6 +1662,11 @@ match from local for any action outbound
          (home-directory "/var/empty")
          (shell (file-append shadow "/sbin/nologin")))))
=20
+(define (opensmtpd-setuid-programs opensmtpd-configuration)
+  (let ((smtpctl (file-append (opensmtpd-configuration-package
+                               opensmtpd-configuration) "/sbin/smtpctl")))
+    (list (list smtpctl "smtpq"))))
+
 (define opensmtpd-activation
   (match-lambda
     (($ <opensmtpd-configuration> package config-file)
@@ -1683,6 +1688,8 @@ match from local for any action outbound
    (extensions
     (list (service-extension account-service-type
                              (const %opensmtpd-accounts))
+          (service-extension setuid-program-service-type
+                             opensmtpd-setuid-programs)
           (service-extension activation-service-type
                              opensmtpd-activation)
           (service-extension pam-root-service-type
=2D-=20
2.26.2


--=-=-=
Content-Type: text/plain


Maxim

--=-=-=--

--==-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEJ9WGpPiQCFQyn/CfEmDkZILmNWIFAl7eeX0ACgkQEmDkZILm
NWJXDg/+JGbUaMn8GMdk4Ek1ZJSsZusQWvzXR+ie82wLZ51LtpuAmNmtFeYiODe7
UYMVZGXTLhRqhwxdEoQUE6+i1H1Y3qj9D8nl6223/ZU63czuFb7JiQ6QmeU6KGao
Un/yVZyERznxeUUvqZQlH3oPLQglvc1K2w+zcAhdcCf2GJjJjkGoOrvI5hQ/sueh
/E8GG71FqGPMT3MRaHc7G4T1GDAXFlHK9YmLwFzRLPnEAQMVlMidw8EgKd7g1ZWT
tE+1iQbyrNpodDHUDTotWUtFxKmyFovm3ct3K3xFs3Ao6EwVZfJqNvNJlx7O6IiH
Nat8Z5H0zZ6MwCiEJToetZfNSG+rRX0jpGwDRDBx6hwXxCEslHUGbyBGyZlQQuji
PYYpqWzQYAzpv8ijnsIYYFoowopABGfvZlWTtXBgLyNETgli1pQTxT5H/a8Tkm7t
ySDI9+2nPnJilirnTUFynspUWL0oYzJExi5ZLnt1yNU9mwmFTKecM2mx5q6wjXBY
erTN+2JwfW7X2Nrb8JNJKHoDBUJpGmj8lvIZoTcB4B46vkDzCcC497fpFaGAuh3f
kO6TC+NABNncXRGTsaf5rIS7HwIFBZkfmrNTaEX4AwFzzo8D7RZ3q8kW/m9LgEzR
zvyW3CVQBoKiqyoPoxTum0Bsw7FG8YrhWoj7ECdQwzHY7qj5OJs=
=FFdP
-----END PGP SIGNATURE-----
--==-=-=--




Acknowledgement sent to maxim.cournoyer@HIDDEN:
New bug report received and forwarded. Copy sent to guix-patches@HIDDEN. Full text available.
Report forwarded to guix-patches@HIDDEN:
bug#41763; Package guix-patches. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Sun, 5 Jul 2020 12:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.