mirror of
https://codeberg.org/guix/guix.git
synced 2026-01-25 03:55:08 -06:00
fdb46ae7b1
https://codeberg.org/guix/guix/issues/3925 raised the inabilityy of the subordinate IDs service of handling externally managed sub{u,g}id file entries. This patch relaxes the checks in place for existing ranges, by allowing subid-range records lower than %subordinate-id-min, leaving all the space from subid 0 to %subordinate-id-min - 1 to external users. Generic ranges are still allocated within %subordinate-id-min and %subordinate-id-max. * gnu/build/accounts.scm (<unused-id-range>)[min]: Change default value to 0, allowing subid-ranges with a start lesser than %subordinate-id-min. (allocate-generic-range): Allocate generic ranges starting from %subordinate-id-min, leaving ranges starting before %subordinate-id-min. (allocate-specific-range): Move bounds check to... (allocate-subids): ...here. Now bound validation is applied only to user provided ranges. * tests/accounts.scm: Test new behavior. Fixes: guix/guix#3925 Change-Id: Id923b122c97a20f148684f5fb144fd9422810612 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Merges: #4235 |
||
|---|---|---|
| .. | ||
| accounts.scm | ||
| activation.scm | ||
| bootloader.scm | ||
| chromium-extension.scm | ||
| cross-toolchain.scm | ||
| dbus-service.scm | ||
| file-systems.scm | ||
| hurd-boot.scm | ||
| icecat-extension.scm | ||
| image.scm | ||
| install.scm | ||
| jami-service.scm | ||
| linux-boot.scm | ||
| linux-container.scm | ||
| linux-initrd.scm | ||
| linux-modules.scm | ||
| locale.scm | ||
| marionette.scm | ||
| oci-containers.scm | ||
| secret-service.scm | ||
| shepherd.scm | ||
| svg.scm | ||