[Nix-dev] Re: Irritating warnings for non existing security.setuidPrograms
Eelco Dolstra
e.dolstra at tudelft.nl
Thu Oct 30 10:10:05 CET 2008
Ludovic Courtès wrote:
>> WARNING: No executable named `fusermount' was found
>> WARNING: but `fusermount' was specified as a setuid program.
...
>> So I guess there's a script somewhere that tries to set the setuid
>> attribute of these executables.
>
> It's more complex: it means that `nixos-rebuild' created "setuid
> wrappers" for these programs (which normally end up under
> `/var/setuid-wrappers'), but that these programs are actually not
> installed. It's an indication that `setuidPrograms' is not properly
> set.
Yes, that was the idea. E.g. cdrdao should only be in that list if cdrdao is
installed, e.g. for sudo we have
setuidPrograms = ... ++
pkgs.lib.optional config.security.sudo.enable "sudo"
But that would require an option to enable cdrdao (so installing it via nix-env
wouldn't be supported).
Since the message annoys me as well and the underlying problem probably won't be
fixed anytime soon :-), I propose we just remove it.
--
Eelco Dolstra | http://www.st.ewi.tudelft.nl/~dolstra/
More information about the nix-dev
mailing list