services: singularity: Migrate to (gnu system privilege).

* gnu/services/docker.scm (singularity-setuid-programs): Rename from this… (singularity-privileged-programs): …to this. Use <privileged-program>. (singularity-service-type): Extend the PRIVILEGED-PROGRAM-SERVICE-TYPE. Change-Id: I4d90f9a6d4759a24a818baab49b61be67c419bad
2024-09-01 02:00:00 +02:00 · 2024-09-01 02:00:00 +02:00 · 98bc13b9ea
commit 98bc13b9ea
parent 76cb23c117
1 changed files with 8 additions and 7 deletions
--- a/gnu/services/docker.scm
+++ b/gnu/services/docker.scm
@ -31,7 +31,7 @@
  #:use-module (gnu services shepherd)
  #:use-module (gnu system)
  #:use-module (gnu system image)
-  #:use-module (gnu system setuid)
+  #:use-module (gnu system privilege)
  #:use-module (gnu system shadow)
  #:use-module (gnu packages admin)               ;shadow
  #:use-module (gnu packages docker)
@ -268,11 +268,11 @@ bundles in Docker containers.")
                  '("container" "final" "overlay" "session"))
        (chmod %mount-directory #o755))))

-(define (singularity-setuid-programs singularity)
-  "Return the setuid-root programs that SINGULARITY needs."
+(define (singularity-privileged-programs singularity)
+  "Return the privileged programs that SINGULARITY needs."
  (define helpers
    ;; The helpers, under a meaningful name.
-    (computed-file "singularity-setuid-helpers"
+    (computed-file "singularity-privileged-helpers"
                   #~(begin
                       (mkdir #$output)
                       (for-each (lambda (program)
@ -286,7 +286,8 @@ bundles in Docker containers.")
                                                           "-helper")))
                                 '("action" "mount" "start")))))

-  (map file-like->setuid-program
+  (map (lambda (program) (privileged-program (program program)
+                                        (setuid? #t)))
       (list (file-append helpers "/singularity-action-helper")
             (file-append helpers "/singularity-mount-helper")
             (file-append helpers "/singularity-start-helper"))))
@ -296,8 +297,8 @@ bundles in Docker containers.")
                (description
                 "Install the Singularity application bundle tool.")
                (extensions
-                 (list (service-extension setuid-program-service-type
-                                          singularity-setuid-programs)
+                 (list (service-extension privileged-program-service-type
+                                          singularity-privileged-programs)
                       (service-extension activation-service-type
                                          (const %singularity-activation))))
                (default-value singularity)))