guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#47013] [PATCH] gnu: Harden filesystem links.

From: Ludovic Courtès
Subject: [bug#47013] [PATCH] gnu: Harden filesystem links.
Date: Tue, 16 Mar 2021 22:42:24 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) 
Hi!

Leo Famulari <leo@famulari.name> skribis:

> From 38f1aaf8b44739ccfb1f824c7fb85d4dc6b5d991 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Mon, 15 Mar 2021 14:51:52 -0400
> Subject: [PATCH 1/2] services: sysctl: Add a service to set default kernel
>  parameters.
>
> * gnu/services/sysctl.scm (default-sysctl-settings-service-type): New public
> variable.
> * doc/guix.texi (Miscellaneous Services): Document it.
>
> Co-authored-by: Julien Lepiller <julien@lepiller.eu>

[...]

> +(define default-sysctl-settings-service-type
> +;  "Return a service that is used to set default kernel parameters for Guix
> +;  System."
> +  (service-type
> +    (name 'default-sysctl-settings)
> +    (extensions
> +      (list (service-extension sysctl-service-type
> +                               identity)))))

[...]

> +        (service default-sysctl-settings-service-type
> +          '(("fs.protected_hardlinks" . "1")
> +            ("fs.protected_symlinks" . "1")))

Why not just use ‘sysctl-service-type’ here?
‘default-sysctl-settings-service-type’ looks very much like
‘sysctl-service-type’, but I’m not sure we need a second one?

Thanks!

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]