guix/gnu/build
Ludovic Courtès e05f7c55d7
file-systems: Open files with O_CLOEXEC.
Since this code is run from PID 1, this ensures file descriptors to
sensitive files and devices are not accidentally leaked to
sub-processes.

* gnu/build/file-systems.scm (call-with-input-file): New procedure.
(mount-file-system): Use 'close-fdes' + 'open-fdes'.
2022-09-08 16:22:21 +02:00
..
accounts.scm system: Allow 'chfn' to change the user's full name. 2022-01-01 15:10:12 +01:00
activation.scm initrd: Use non-hyphenated kernel command-line parameter names. 2022-03-01 10:30:17 -05:00
bootloader.scm image: Add support for 32bit UEFI. 2022-06-24 10:21:06 +02:00
chromium-extension.scm gnu: modifying make-chromium-extension to rely on node-crx3. 2022-07-20 16:50:08 +02:00
cross-toolchain.scm
dbus-service.scm services: jami: Modernize to adjust to Shepherd 0.9+ changes. 2022-06-10 23:52:33 -04:00
file-systems.scm file-systems: Open files with O_CLOEXEC. 2022-09-08 16:22:21 +02:00
hurd-boot.scm initrd: Use non-hyphenated kernel command-line parameter names. 2022-03-01 10:30:17 -05:00
image.scm build: image: Make partition uuid optional. 2022-08-30 19:29:58 +02:00
install.scm
jami-service.scm services: jami: Modernize to adjust to Shepherd 0.9+ changes. 2022-06-10 23:52:33 -04:00
linux-boot.scm linux-boot: Resume from hibernation after pre-boot. 2022-09-04 02:00:00 +02:00
linux-container.scm linux-container: Add #:child-is-pid1? parameter to 'call-with-container'. 2022-05-01 21:30:35 +02:00
linux-initrd.scm
linux-modules.scm linux-modules: Ignore EINVAL in ‘modprobe’ mode. 2021-12-16 12:53:52 -05:00
locale.scm
marionette.scm build: marionette: Add support for Tesseract OCR. 2022-08-28 22:10:20 -04:00
secret-service.scm secret-service: Allow cooperative scheduling when Fibers is used. 2022-04-07 00:08:56 +02:00
shepherd.scm shepherd: Set #o640 permissions for log file of service in container. 2022-09-02 16:32:16 +05:30
svg.scm