GLiCID/guix-glicid
7
0
Fork 0
mirror of https://gitlab.univ-nantes.fr/glicid-public/guix-glicid.git synced 2025-06-17 17:51:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

squid unprivilleged

Browse source
This commit is contained in:
Jean-François GUILLAUME 2025-06-13 13:08:26 +00:00
commit aec79126dc
1 changed files with 22 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

23
glicid/services/networking.scm
View file

@ -40,7 +40,7 @@
(respawn-delay 10) (respawn-delay 10)
(start #~(make-forkexec-constructor (start #~(make-forkexec-constructor
(list (list
"/run/privileged/bin/squid" #$(file-append pkg "/sbin/squid")
"-f" #$config-file "-f" #$config-file
) )
#:pid-file #$pid-file #:pid-file #$pid-file
@ -50,6 +50,27 @@
#:resource-limits '((nofile 65535 65535)))) #:resource-limits '((nofile 65535 65535))))
(stop #~(make-kill-destructor))))))) (stop #~(make-kill-destructor)))))))
(define squid-privileged-shepherd-service
(match-lambda
(($ <squid-configuration> pkg port loglevel config-file pid-file log-file)
(list
(shepherd-service
(provision '(squid))
(documentation "Run squid.")
(requirement '(user-processes))
(respawn? #t)
(respawn-delay 10)
(start #~(make-forkexec-constructor
(list
"/run/privileged/bin/squid"
"-f" #$config-file
)
#:pid-file #$pid-file
#:log-file #$log-file
#:user (passwd:uid (getpwnam "squid"))
#:group (passwd:gid (getpwnam "squid"))
#:resource-limits '((nofile 65535 65535))))
(stop #~(make-kill-destructor)))))))
(define %squid-activation (define %squid-activation
#~(begin #~(begin