diff options
Diffstat (limited to 'gnu/packages')
| -rw-r--r-- | gnu/packages/linux.scm | 3 | ||||
| -rw-r--r-- | gnu/packages/patches/linux-pam-unix_chkpwd.patch | 9 |
2 files changed, 11 insertions, 1 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 94eff5d5c8..c9e6ab12c2 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -1596,7 +1596,8 @@ which need to be installed separately.") (sha256 (base32 "1z4jayf69qyyxln1gl6ch4qxfd66ib1g42garnrv2d8i1drl0790")) - (patches (search-patches "linux-pam-no-setfsuid.patch")))) + (patches (search-patches "linux-pam-unix_chkpwd.patch" + "linux-pam-no-setfsuid.patch")))) (build-system gnu-build-system) (native-inputs diff --git a/gnu/packages/patches/linux-pam-unix_chkpwd.patch b/gnu/packages/patches/linux-pam-unix_chkpwd.patch new file mode 100644 index 0000000000..0e865ff18c --- /dev/null +++ b/gnu/packages/patches/linux-pam-unix_chkpwd.patch @@ -0,0 +1,9 @@ +unix_chkpwd is designed to have a suid bit, but it's not possible to set it +for files in the store. This patch tells unix_pam.so to look for +unix_chkpwd in setuid program directory on Guix System. + +--- a/modules/pam_unix/Makefile.in ++++ b/modules/pam_unix/Makefile.in +@@ -651,1 +651,1 @@ +- -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\" \ ++ -DCHKPWD_HELPER=\"/run/setuid-programs/unix_chkpwd\" \ |