X-Loop: help-debbugs@HIDDEN
Subject: bug#74179: %default-bash-profile still references /run/setuid-programs
Resent-From: Edouard Klein <edouardklein@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: bug-guix@HIDDEN
Resent-Date: Sat, 02 Nov 2024 19:15:02 +0000
Resent-Message-ID: <handler.74179.B.173057484520992 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: report 74179
X-GNU-PR-Package: guix
X-GNU-PR-Keywords:
To: 74179 <at> debbugs.gnu.org
X-Debbugs-Original-To: bug-guix <bug-guix@HIDDEN>
Received: via spool by submit <at> debbugs.gnu.org id=B.173057484520992
(code B ref -1); Sat, 02 Nov 2024 19:15:02 +0000
Received: (at submit) by debbugs.gnu.org; 2 Nov 2024 19:14:05 +0000
Received: from localhost ([127.0.0.1]:55119 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1t7JZV-0005SW-97
for submit <at> debbugs.gnu.org; Sat, 02 Nov 2024 15:14:05 -0400
Received: from lists.gnu.org ([209.51.188.17]:45454)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <edouardklein@HIDDEN>) id 1t7JZS-0005SQ-Vg
for submit <at> debbugs.gnu.org; Sat, 02 Nov 2024 15:14:04 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <edouardklein@HIDDEN>)
id 1t7JXM-0004rF-4g
for bug-guix@HIDDEN; Sat, 02 Nov 2024 15:11:52 -0400
Received: from mail-wr1-x431.google.com ([2a00:1450:4864:20::431])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.90_1) (envelope-from <edouardklein@HIDDEN>)
id 1t7JXK-0001El-IY
for bug-guix@HIDDEN; Sat, 02 Nov 2024 15:11:51 -0400
Received: by mail-wr1-x431.google.com with SMTP id
ffacd0b85a97d-37d5689eea8so1721733f8f.1
for <bug-guix@HIDDEN>; Sat, 02 Nov 2024 12:11:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1730574708; x=1731179508; darn=gnu.org;
h=mime-version:message-id:date:subject:to:from:user-agent:from:to:cc
:subject:date:message-id:reply-to;
bh=XhezTsxQeXlt5Q4Y2M16U6Q5InU3uvpCntGLfJlctYo=;
b=dvhf2SKbbindP8b0smuJlR2ppmWxRUYMTn6p5o5ShIWj1Eof1bsLGRILcn9V3MDSRo
HubhcbMfL8nNjiQ8tNZqa2BGCucl5Fxkf2tq0RVOQDx6BS5EidYIWLeQr+2njOvjnHY8
oDlvRH+S/DdUI16y1TozrXbf0APJ+Mrh/E2OrL4I66YRkd84ALgDiQa46EfA9PkI+6w3
VoCsNfI1XYLN+ILiba8tLXqgwATUsIGXA5N4RkdycsRxKiyI5fC+438Gvfkg4PzwQKyf
uF8bK+DQE1p2QG0Sdry8AAT6BvmaD+bmxvBahMvbJOl5ek8W87jLgH7Qs+rk6Id8fH/E
E8mA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1730574708; x=1731179508;
h=mime-version:message-id:date:subject:to:from:user-agent
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=XhezTsxQeXlt5Q4Y2M16U6Q5InU3uvpCntGLfJlctYo=;
b=Mf7KTT2XYOtKrF15CdGB+jwJ7EnFh+hsYUDLEiYH6p2NENh/pAC1PD4mKVwxLaX/ST
3uplSL9m9NGUwM9l5FCubEH6UdbuLIZh63UB1eZUiIvRB36bLW4mhAvUi1vRsKwAyQnf
TZ4whB+xHIU3GRZPiaT+O4WWNK8gyTOPZb/T90zQjYyL7nB9/lF9A0kBCYkc9FeschHX
OYzuh/0IHvCXbleCPG+MOsB6pUay9EdME3QIRQ8FaUvWYkgM2z2odDY2kuJzitxiZa5A
/2w8/9qflkwCwx5iXKRVa+allYtofviQuXy2SeVeIGAsEH98kEHMCo36HVRnoRwgN0n6
eXDA==
X-Gm-Message-State: AOJu0YxgbYgZu+8u1iXhr9viypBOH4i1pvQ68sikmUQuDYd0839/YNet
p8iwW8x4iYM9HgsM3fHLpYqcSWFUMHNxNkgsmMv9gClhIhpB9opDK9oaoQ==
X-Google-Smtp-Source: AGHT+IFSrdEirVN4Xq65ZAGQYUwgTBg3ashQYznOL2iMIMjcgp13rMHy8EsB09RbOuwvXplg+SWbiw==
X-Received: by 2002:a05:6000:4d:b0:37d:4d72:dca3 with SMTP id
ffacd0b85a97d-380611637f8mr19907333f8f.31.1730574708248;
Sat, 02 Nov 2024 12:11:48 -0700 (PDT)
Received: from schwarzy (anantes-657-1-199-172.w90-25.abo.wanadoo.fr.
[90.25.138.172]) by smtp.gmail.com with ESMTPSA id
ffacd0b85a97d-381c113e528sm8819469f8f.78.2024.11.02.12.11.46
for <bug-guix@HIDDEN>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sat, 02 Nov 2024 12:11:47 -0700 (PDT)
User-agent: mu4e 1.10.2; emacs 28.2
From: Edouard Klein <edouardklein@HIDDEN>
Date: Sat, 02 Nov 2024 20:04:22 +0100
Message-ID: <87a5ehmowp.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain
Received-SPF: pass client-ip=2a00:1450:4864:20::431;
envelope-from=edouardklein@HIDDEN; helo=mail-wr1-x431.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.3 (-)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.3 (--)
Dear Guix,
/run/setuid-programs was replaced by /run/privileged some time ago.
Some of the users on the-dam.org don't have the new location in their
PATH. I've tracked it down to %default-bash-profile still referencing
the old location (in /gnu/system/shadow.scm):
# Prepend setuid programs.
export PATH=/run/setuid-programs:$PATH
This file ends up in /etc/skel, and from there is copied on the user's
HOME when the user is created.
I've grep /run/setuid-programs in the source and found that it is still
hardcoded in a few places.
Two questions:
If I submitted a patch series addressing these issues, would somebody
review it and apply it within a few weeks ?
And the more interesting one:
How do I correct the issue for my existing users, given that even if I
correct the code and reconfigure, the .bash_profile file in their HOME
is gonna stay the same ?
Maybe I should force everybody to use guix home ?
Cheers,
Edouard.
Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) Content-Type: text/plain; charset=utf-8 X-Loop: help-debbugs@HIDDEN From: help-debbugs@HIDDEN (GNU bug Tracking System) To: Edouard Klein <edouardklein@HIDDEN> Subject: bug#74179: Acknowledgement (%default-bash-profile still references /run/setuid-programs) Message-ID: <handler.74179.B.173057484520992.ack <at> debbugs.gnu.org> References: <87a5ehmowp.fsf@HIDDEN> X-Gnu-PR-Message: ack 74179 X-Gnu-PR-Package: guix Reply-To: 74179 <at> debbugs.gnu.org Date: Sat, 02 Nov 2024 19:15:02 +0000 Thank you for filing a new bug report with debbugs.gnu.org. This is an automatically generated reply to let you know your message has been received. Your message is being forwarded to the package maintainers and other interested parties for their attention; they will reply in due course. Your message has been sent to the package maintainer(s): bug-guix@HIDDEN If you wish to submit further information on this problem, please send it to 74179 <at> debbugs.gnu.org. Please do not send mail to help-debbugs@HIDDEN unless you wish to report a problem with the Bug-tracking system. --=20 74179: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D74179 GNU Bug Tracking System Contact help-debbugs@HIDDEN with problems
X-Loop: help-debbugs@HIDDEN
Subject: bug#74179: %default-bash-profile still references /run/setuid-programs
Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
Resent-CC: bug-guix@HIDDEN
Resent-Date: Wed, 20 Nov 2024 21:55:01 +0000
Resent-Message-ID: <handler.74179.B74179.17321396948311 <at> debbugs.gnu.org>
Resent-Sender: help-debbugs@HIDDEN
X-GNU-PR-Message: followup 74179
X-GNU-PR-Package: guix
X-GNU-PR-Keywords:
To: Edouard Klein <edouardklein@HIDDEN>
Cc: Tobias Geerinckx-Rice <me@HIDDEN>, 74179 <at> debbugs.gnu.org
Received: via spool by 74179-submit <at> debbugs.gnu.org id=B74179.17321396948311
(code B ref 74179); Wed, 20 Nov 2024 21:55:01 +0000
Received: (at 74179) by debbugs.gnu.org; 20 Nov 2024 21:54:54 +0000
Received: from localhost ([127.0.0.1]:48043 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1tDsez-00029z-IE
for submit <at> debbugs.gnu.org; Wed, 20 Nov 2024 16:54:53 -0500
Received: from eggs.gnu.org ([209.51.188.92]:56082)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ludo@HIDDEN>) id 1tDseu-00029h-KU
for 74179 <at> debbugs.gnu.org; Wed, 20 Nov 2024 16:54:52 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
id 1tDseo-0005uD-J4; Wed, 20 Nov 2024 16:54:42 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To:
From; bh=KF5PoGo+7NuVPBwI30N7FO52ABqYdGe8jSIBywdmTJ8=; b=GfQVl0uFHAUwFlmfeYzM
PpM4+zNnhBfPPiuichgh0/UxCiAGbVtLozkyKZ3G0FO4zejCjm7+Zo8nJv8HVzfaLs229SQ8Q9QlD
/JEGj0JyzohJIwiZ9rlVrCLuK/Sf5UgvqgbzsOZ4HTevDgUpWQgsZOJXB7PSQbaaZDJxb8kDusllu
fEhPKdan6VaJC1ST/QKQXLLy6bbp5/bF1SMCv0VG9OnuZUtEhobDbM4QsBJCKHfjpPJSi6mWx89y0
HKdDM2W6PYffkxER+pTMsKlGKtzYKfdqMVZwAScuwESLwvkSHfVwK+MSURK7Q4DzQBgjNVA+s29zu
JFo+/fBqhH2ZQQ==;
From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
In-Reply-To: <87a5ehmowp.fsf@HIDDEN> (Edouard Klein's message of "Sat, 02
Nov 2024 20:04:22 +0100")
References: <87a5ehmowp.fsf@HIDDEN>
Date: Wed, 20 Nov 2024 22:54:40 +0100
Message-ID: <87serlvae7.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
Hi Edouard,
(Cc: Tobias, who authors the privileged program mechanism.)
Edouard Klein <edouardklein@HIDDEN> skribis:
> Some of the users on the-dam.org don't have the new location in their
> PATH. I've tracked it down to %default-bash-profile still referencing
> the old location (in /gnu/system/shadow.scm):
>
> # Prepend setuid programs.
> export PATH=3D/run/setuid-programs:$PATH
>
> This file ends up in /etc/skel, and from there is copied on the user's
> HOME when the user is created.
>
> I've grep /run/setuid-programs in the source and found that it is still
> hardcoded in a few places.
>
> Two questions:
> If I submitted a patch series addressing these issues, would somebody
> review it and apply it within a few weeks ?
As you know there cannot be guarantees on the timeliness of volunteer
response, but surely this would be pretty high priority (and easy) to
review/apply.
> And the more interesting one:
> How do I correct the issue for my existing users, given that even if I
> correct the code and reconfigure, the .bash_profile file in their HOME
> is gonna stay the same ?
> Maybe I should force everybody to use guix home ?
Maybe =E2=80=98.bash_profile=E2=80=99 should never have contained that line=
in the first
place.
But anyway, you could either run =E2=80=98sed=E2=80=99 on all the =E2=80=98=
.bash_profile=E2=80=99 files
of users (not great), or let them know, or just let go since AFAIK it
doesn=E2=80=99t hurt to have /run/setuid-programs in $PATH.
Thoughts?
Ludo=E2=80=99.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.