mirror/guix
1
0
Fork 0
mirror of https://git.savannah.gnu.org/git/guix.git synced 2025-01-18 21:46:35 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

news: Add entry for ‘setuid’ → ‘privilege’ renaming.

Browse source 
* etc/news.scm: Add entry.

Change-Id: I64ac2d91215a1aac89fdf3832f4c6cbdc6648538
This commit is contained in:
Tobias Geerinckx-Rice 2024-08-18 02:00:00 +02:00
parent e1f17fc340
commit 65d257a717
No known key found for this signature in database
GPG key ID: 0DB0FF884F556D79
1 changed files with 26 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
etc/news.scm
View file

@ -1,7 +1,7 @@
;; GNU Guix news, for use by 'guix pull'. ;; GNU Guix news, for use by 'guix pull'.
;; ;;
;; Copyright © 2019-2024 Ludovic Courtès <ludo@gnu.org> ;; Copyright © 2019-2024 Ludovic Courtès <ludo@gnu.org>
;; Copyright © 20192021 Tobias Geerinckx-Rice <me@tobias.gr> ;; Copyright © 20192021, 2024 Tobias Geerinckx-Rice <me@tobias.gr>
;; Copyright © 2019, 2020 Miguel Ángel Arruga Vivas <rosen644835@gmail.com> ;; Copyright © 2019, 2020 Miguel Ángel Arruga Vivas <rosen644835@gmail.com>
;; Copyright © 2019, 2020 Konrad Hinsen <konrad.hinsen@fastmail.net> ;; Copyright © 2019, 2020 Konrad Hinsen <konrad.hinsen@fastmail.net>
;; Copyright © 2019, 2020, 2021, 2023 Julien Lepiller <julien@lepiller.eu> ;; Copyright © 2019, 2020, 2021, 2023 Julien Lepiller <julien@lepiller.eu>
@ -32,6 +32,31 @@
(channel-news (channel-news
(version 0) (version 0)
(entry (commit "4e58dfee6c7456d1e662f66041b8a157efe8710a")
(title
(en "More capable @code{privileged-programs} replace @code{setuid-programs}")
(nl "Capabelere @code{privileged-programs} vervangen @code{setuid-programs}"))
(body
(en "Where the kernel supports it, Guix System can now assign
POSIX@tie{}@dfn{capabilities} to trusted executables. Capabilities offer a
more granular alternative to the traditional setuid and setgid permissions,
which remain available.
To reflect this, @code{(gnu system setuid)} has been renamed to @code{(gnu
system privilege)}. @code{privileged-programs} replaces @code{setuid-programs}
as @code{operating-system} field and defaults to
@code{%default-privileged-programs}. The executables themselves have moved from
@file{/run/setuid-programs} to @file{/run/privileged/bin}.")
(nl "Waar de kernel dit toelaat kan Guix System nu
POSIX@tie{}@dfn{capabilities} toewijzen aan vertrouwde uitvoerbare bestanden.
``Capabilities'' zijn een fijnmaziger alternatief voor de klassieke setuid- en
setgid-rechten, die ook beschikbaar blijven.
Om dit duidelijk te maken heet @code{(gnu system setuid)} nu @code{(gnu system
privilege)}. @code{privileged-programs} vervangt @code{setuid-programs} als
veld in het @code{operating-system} en heeft @code{%default-privileged-programs}
als standaardwaarde. De uitvoerbare bestanden verhuizen van
@file{/run/setuid-programs} naar @file{/run/privileged/bin}.")))
(entry (commit "26638b8e8129aa755586d017677b4cf076bafda6") (entry (commit "26638b8e8129aa755586d017677b4cf076bafda6")
(title (title
(en "The containerd service is separated from @code{docker-service-type}") (en "The containerd service is separated from @code{docker-service-type}")