emacs-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#43851: closed ([PATCH] gnu: sudo: Depend on python-minimal instead o

From: GNU bug Tracking System
Subject: bug#43851: closed ([PATCH] gnu: sudo: Depend on python-minimal instead of python.)
Date: Fri, 09 Oct 2020 19:49:02 +0000 
Your message dated Fri, 09 Oct 2020 21:48:22 +0200
with message-id <87d01rrxix.fsf@gnu.org>
and subject line Re: [bug#43851] [PATCH] gnu: sudo: Depend on python-minimal 
instead of python.
has caused the debbugs.gnu.org bug report #43851,
regarding [PATCH] gnu: sudo: Depend on python-minimal instead of python.
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
43851: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=43851
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
--- Begin Message --- Subject: [PATCH] gnu: sudo: Depend on python-minimal instead of python. Date: Wed, 07 Oct 2020 19:04:27 +0200 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) 
Hi,

Depending on python pulls in X11:

--8<---------------cut here---------------start------------->8---
$ guix graph --path sudo libx11
sudo@1.9.3p1
python@3.8.2
tk@8.6.10
libx11@1.6.9
--8<---------------cut here---------------end--------------->8---

which is unfortunate, especially for the Hurd.

However...do we really want to extend sudo with eh, a large programming
language that has a more impressive CVE list than a lovely tiny language
such as, say Guile? ;)

Greetings,
Janneke


>From e28a7f0679cc70f48f2583b2f3fe5f9a1984d6cc Mon Sep 17 00:00:00 2001
From: "Jan (janneke) Nieuwenhuizen" <janneke@gnu.org>
Date: Wed, 7 Oct 2020 18:49:29 +0200
Subject: [PATCH] gnu: sudo: Depend on python-minimal instead of python.
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8

* gnu/packages/admin.scm (sudo)[inputs]: Use python-minimal instead of
python.
---
 gnu/packages/admin.scm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index e62a145614..399c55a080 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -1499,7 +1499,7 @@ system administrator.")
        ("linux-pam" ,linux-pam)
        ,@(if (%current-target-system)
              '()
-             `(("python" ,python)))
+             `(("python" ,python-minimal)))
        ("zlib" ,zlib)))
     (home-page "https://www.sudo.ws/";)
     (synopsis "Run commands as root")
-- 
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com


-- 
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com

--- End Message ---
--- Begin Message --- Subject: Re: [bug#43851] [PATCH] gnu: sudo: Depend on python-minimal instead of python. Date: Fri, 09 Oct 2020 21:48:22 +0200 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) 
Tobias Geerinckx-Rice writes:

Hello!

> Maxim Cournoyer 写道:
>> If we don't have any use for it, I think it may be better to let the
>> dependency go altogether, to keep sudo as small and secure as
>> possible.
>
> I don't think sudo is either, nor does the presence of Python affect
> that meaningfully.  But let's stop this pointless discussion since
> removing it helps the Hurd progress.  That's enough.
>
> The Hurd is a lot more exciting than the removal of sudo Python
> support -- and actually *will* improve security!

Thanks all, I've removed the python dependency from sudo; pushed to
master as 165e0918da54643bfaf9a6cb6b866f8692e9f8f9.

Greetings,
Janneke

-- 
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]