privilege: Add file-like->setuid-program helper.

* gnu/system/privilege.scm (file-like->setuid-program): New public procedure. * gnu/system/setuid.scm: Re-export it for compatibility. (file-like->setuid-program): Remove this old version. * gnu/services/docker.scm (singularity-setuid-programs): Use it (again). * gnu/services/desktop.scm (enlightenment-privileged-programs): Likewise. Change-Id: I8e41144438677a15cdadb3063651dbc780715497
2024-09-01 02:00:00 +02:00 · 2024-09-01 02:00:00 +02:00 · 0dd8e4c351
commit 0dd8e4c351
parent 67a2073d27
4 changed files with 13 additions and 11 deletions
--- a/gnu/services/desktop.scm
+++ b/gnu/services/desktop.scm
@ -1736,8 +1736,7 @@ need to create it beforehand."))))
  (match-record enlightenment-desktop-configuration
      <enlightenment-desktop-configuration>
    (enlightenment)
-    (map (lambda (program) (privileged-program (program program)
-                                               (setuid? #t)))
+    (map file-like->setuid-program
         (list (file-append enlightenment
                            "/lib/enlightenment/utils/enlightenment_sys")
               (file-append enlightenment
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@ -286,8 +286,7 @@ bundles in Docker containers.")
                                                           "-helper")))
                                 '("action" "mount" "start")))))

-  (map (lambda (program) (privileged-program (program program)
-                                        (setuid? #t)))
+  (map file-like->setuid-program
       (list (file-append helpers "/singularity-action-helper")
             (file-append helpers "/singularity-mount-helper")
             (file-append helpers "/singularity-start-helper"))))
--- a/gnu/system/privilege.scm
+++ b/gnu/system/privilege.scm
@ -26,7 +26,9 @@
            privileged-program-setgid?
            privileged-program-user
            privileged-program-group
-            privileged-program-capabilities))
+            privileged-program-capabilities
+
+            file-like->setuid-program))

 ;;; Commentary:
 ;;;
@ -56,3 +58,9 @@
  ;; POSIX capabilities in cap_from_text(3) form (defaults to #f: none).
  (capabilities  privileged-program-capabilities ;string or #f
                 (default #f)))
+
+(define (file-like->setuid-program program)
+  "Simple wrapper to facilitate MAPping over a list of file-like objects and
+make them setuid, a pattern just common enough to justify a special helper."
+  (privileged-program (program program)
+                      (setuid? #t)))
--- a/gnu/system/setuid.scm
+++ b/gnu/system/setuid.scm
@ -21,15 +21,14 @@
  #:use-module (gnu system privilege)
  #:use-module (ice-9 match)
  #:use-module (srfi srfi-1)
+  #:re-export (file-like->setuid-program)
  #:export (setuid-program
            setuid-program?
            setuid-program-program
            setuid-program-setuid?
            setuid-program-setgid?
            setuid-program-user
-            setuid-program-group
-
-            file-like->setuid-program))
+            setuid-program-group))

 ;;; Commentary:
 ;;;
@ -56,6 +55,3 @@
 (define setuid-program-setgid? privileged-program-setgid?)
 (define setuid-program-user    privileged-program-user)
 (define setuid-program-group   privileged-program-group)
-
-(define (file-like->setuid-program program)
-  (setuid-program (program program)))