summaryrefslogtreecommitdiff
path: root/gnu/services/authentication.scm
AgeCommit message (Expand)Author
2021-03-10services: Prevent following symlinks during activation....This addresses a potential security issue, where a compromised service could trick the activation code in changing the permissions, owner and group of arbitrary files. However, this patch is currently only a partial fix, due to a TOCTTOU (time-of-check to time-of-use) race, which can be fixed once guile has bindings to openat and friends. Fixes: <https://lists.gnu.org/archive/html/guix-devel/2021-01/msg00388.html> * gnu/build/activation.scm: new procedure 'mkdir-p/perms'. * gnu/services/authentication.scm (%nslcd-activation, nslcd-service-type): use new procedure. * gnu/services/cups.scm (%cups-activation): likewise. * gnu/services/dbus.scm (dbus-activation): likewise. * gnu/services/dns.scm (knot-activation): likewise. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Maxime Devos
2019-04-24services: fprintd: Provide polkit policy....* gnu/services/authentication.scm (fprintd-service-type)[extensions]: Add polkit-service-type. Danny Milosavljevic
2019-04-21services: fprintd: Use define-configuration....* gnu/services/authentication.scm: Use define-configuration in fprintd. Danny Milosavljevic
2019-04-17services: fprintd: Fix service....* gnu/services/authentication.scm (<fprintd-configuration>)[ntp]: Rename to... [fprintd]: ...this. (fprintd-dbus-service): New procedure. (fprintd-service-type): Use it. [default-value]: Add value. Danny Milosavljevic
2019-03-20services: Add nslcd-service-type....* gnu/services/authentication.scm (nslcd-service-type, nslcd-configuration, %nslcd-accounts): New variables. (uglify-field-name, value->string, serialize-field, serialize-list, ssl-option?, tls-reqcert-option?, deref-option?, comma-separated-list-of-strings?, serialize-ignore-users-option, log-option?, serialize-log-option, valid-map?, scope-option?, serialize-scope-option, map-entry?, list-of-map-entries?, filter-entry?, list-of-filter-entries?, serialize-filter-entry, serialize-list-of-filter-entries, serialize-map-entry, serialize-list-of-map-entries, nslcd-config-file, nslcd-etc-service, nslcd-shepherd-service, pam-ldap-pam-services, pam-ldap-pam-service, generate-nslcd-documentation): New procedures. * gnu/tests/ldap.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * doc/guix.texi (LDAP Services): Document it. Ricardo Wurmus
2018-06-23services: Fix "authentication" service name....Follow-up to 7f93bbd5aadf0427190769fba8f478c29e37b4f4. * gnu/services/authentication.scm: Fix module name. Danny Milosavljevic
2018-06-23services: Add fingerprint identification service....* gnu/services/authentication.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * doc/guix.texi (Miscellaneous Services): Document it. Danny Milosavljevic
generated by cgit v1.2.3 (git 2.46.2) at 2024-11-02 04:35:40 +0000