aboutsummaryrefslogtreecommitdiff
path: root/src/org/euandre/queue.scm
diff options
context:
space:
mode:
authorEuAndreh <eu@euandre.org>2023-03-16 11:11:02 -0300
committerEuAndreh <eu@euandre.org>2023-03-16 11:11:02 -0300
commit9a4639ebfa3889de756ed92b736f32bf1f267c51 (patch)
tree04f41296a1770d9ab1cb4e092f162bea814018aa /src/org/euandre/queue.scm
parentqueue.scm: Split postfix-service-type into {local,internet}-postfix-service-type (diff)
downloadpackage-repository-9a4639ebfa3889de756ed92b736f32bf1f267c51.tar.gz
package-repository-9a4639ebfa3889de756ed92b736f32bf1f267c51.tar.xz
queue.scm: Add proper docstring to shadow-group-service-type
Diffstat (limited to 'src/org/euandre/queue.scm')
-rw-r--r--src/org/euandre/queue.scm15
1 files changed, 14 insertions, 1 deletions
diff --git a/src/org/euandre/queue.scm b/src/org/euandre/queue.scm
index 2485b97..ab2a482 100644
--- a/src/org/euandre/queue.scm
+++ b/src/org/euandre/queue.scm
@@ -270,6 +270,8 @@ definite Sendmail-ish flavor, but the inside is completely different.")
((#:configure-flags flags)
#~(append '("CFLAGS=-DPATH_SENDMAIL=\\\"/run/setuid-programs/sendmail\\\"") #$flags))))))
+
+
(define-public python-pytest-tornado5
(package
(name "python-pytest-tornado5")
@@ -463,7 +465,18 @@ collections.OrderedDict that works in Python 2.4-2.6.")
(service-extension account-service-type
shadow-group-accounts)))
(default-value (shadow-group-configuration))
- (description "FIXME:DOCUMENTATION")))
+ (description "Provide the infrastructure to allow access to the
+@file{/etc/shadow} file without requiring superuser privileges, by:
+
+@itemize
+@item adding a dedicated group to the system (default: @code{etc-shadow});
+@item granting said group @emph{read-only access} to the @file{/etc/shadow}
+file.
+@end itemize
+
+The goal is to allow unprivileged processes to perform password authentication
+against the @file{/etc/passwd} database, by adding the @code{etc-shadow} group
+to the list of supplementary groups of the user of such running process.")))
(define-record-type* <cyrus-service-configuration>