From: Bruno Félix Rezende Ribeiro
Newsgroups: gmane.emacs.devel
Subject: Re: tramp-auto-auth.el --- TRAMP automatic authentication library
Date: Sat, 31 Aug 2019 20:29:59 -0300
Message-ID: <87zhjogbgo.fsf@oitofelix.com>
References: <877e74skek.fsf@oitofelix.com> <87woeyudc0.fsf@gmx.de> <87o9086ea0.fsf@oitofelix.com> <87ftlkp70j.fsf@gmx.de>
Cc: Bruno Félix Rezende Ribeiro, emacs-devel@gnu.org
To: Michael Albinus
In-Reply-To: <87ftlkp70j.fsf@gmx.de> (Michael Albinus's message of "Thu, 29 Aug 2019 13:04:28 +0200")

Hello Michael,

Michael Albinus writes:

> Thinking about this, I believe we could use such a mechanism at broader
> level. You manage just one Tramp resource (passwords). WIBNI you could
> cluster remote hosts also for other resources?
> For example, in order to
> say "users for a given host share the same password if they access via
> 'ssh' or 'sftp' or 'scp'". Or if you say "the connection property [1]
> \"remote-shell\" of a given list of hosts shall be \"/bin/bash\"". Or if
> you say "the connection-local variable [2] `tramp-remote-path' for a
> given list of hosts shall contain \"/appli/pub/bin\"".
>
> [1] (info "(tramp) Predefined connection information")
> [2] (info "(tramp) Remote programs")
>
> Then you could declare just clusters. I would start with a cluster name
> (a string), and a list of regular expressions which identify the remote
> hosts. Using your example, one would declare
>
> (add-to-list 'tramp-clusters '("Funny-Machines" "root@10\\.0\\." "..."))
>
> For every resource, be it a password, a connection property, or a
> connection-local variable, Tramp would always check whether there is a
> setting of that resource for the host in question, and if not, whether
> there is a setting in a cluster the host belongs to.
>
> This broader approach wouldn't be implemented by an own package via
> advising Tramp functions, but in Tramp itself. For the beginning, one
> could start with managing passwords this way.
>
>> Is this feature in this form suitable for inclusion in the TRAMP
>> standard distribution?
>
> Does this proposal make sense to you? Would you like to work on this?

Yes, it does, and I’d like to work on it. However, it’s not clear to me
if the code I already wrote would be used as an interim solution. Most
of the remarks you made below seem to me to imply that’s the case,
however this conflicts with the fact that code in core Emacs should not
advise other functions. I think it’s most likely you are just giving me
general advice as if it were to be included, but I’m not entirely sure;
because (maybe) this code could be included in GNU ELPA. Could you
please clarify this matter?

> Just some comments on your code
>
>> ;; Copyright (C) 2019 Bruno Félix Rezende Ribeiro
>
> This would be FSF copyrighted, if included in Emacs/Tramp.

All right. I’ve already assigned my copyright to the FSF for past and
future contributions to GNU Emacs.

>> ;; Author: Bruno Félix Rezende Ribeiro
>> ;; Maintainer: Bruno Félix Rezende Ribeiro
>
> If there is an author, you don't need a maintainer.

Indeed.

>> ;; Package-Version: 20190827.1316
>> ;; Package-Requires: (tramp)
>
> These entries are needed only in case it would be an ELPA package.

I see. These are there because I’ve uploaded this source file to a
local ELPA.

>> ;; After this, just put the respective sacred secret in an
>> ;; authentication source supported by auth-source library. For
>> ;; instance:
>> ;;
>> ;; ---- ~/.authinfo.gpg ---------------------------------------------
>> ;; machine Funny-Machines login root password "$r00tP#sWD!" port ssh
>> ;; ------------------------------------------------------------------
>
> IIRC, neither "login" nor "port" keys are mandatory in auth-source. So
> you could live just with "machine" and "password".

OK.

>> ;; In case you are feeling lazy or the secret is not so secret (nor so
>> ;; sacred) -- or for any reason you need to do it all from Lisp --
>> ;; it’s enough to:
>> ;;
>> ;; (auth-source-remember '(:host "Funny-Machines" :user "root" :port "ssh")
>> ;;                       '((:secret "$r00tP#sWD!")))
>
> I wouldn't write this into a Tramp doc. Refer to the "auth" Info pages.

My intention with this was to document the way I found for another
private library to set up an auth-source entry automatically without
fiddling with user’s Netrc files. I couldn’t find any reference to this
function in auth-source’s manual. Perhaps a section about this
technique is needed there before we can refer to it?

>> (defcustom tramp-auto-auth-alist
>
> A defcustom should have a :version key.
> In case it will be added to
> Tramp, :version "27.1" (the first Emacs version this user option has
> appeared) would be OK.

Noted.

>> :require 'tramp-auto-auth)
>
> Why is this needed?

Quoting from the documentation on ‘:global’ in ‘(elisp) Defining Minor
Modes’:

    One of the effects of making a minor mode global is that the MODE
    variable becomes a customization variable. Toggling it through the
    Customize interface turns the mode on and off, and its value can be
    saved for future Emacs sessions. For the saved variable to work,
    you should ensure that the ‘define-minor-mode’ form is evaluated
    each time Emacs starts; for packages that are not part of Emacs,
    the easiest way to do this is to specify a ‘:require’ keyword.

Since ‘tramp-auto-auth’ is not part of Emacs, I thought that was needed.

>> ;;;###autoload
>
> Please use ";;;###tramp-autoload". The user option makes only sense
> after Tramp has been loaded.

Where is this ‘;;;###-autoload’ cookie feature documented? I couldn’t
find it.

>> (advice-add #'tramp-action-password :around
>
> Code, which is part of core Emacs, shall not advise other
> functions. Advising is intended for user-written Lisp.

I couldn’t find any other way to obtain the same effect. Do you have
any suggestion?

> Please ensure also, that you do not exceed the 80 chars/line limit, for
> better readability.

Sure.

Best regards,

-- 
 88888  FFFFF Bruno Félix Rezende Ribeiro (oitofelix) [0x28D618AF]
 8   8  F     http://oitofelix.freeshell.org/
 88888  FFFF  mailto:oitofelix@gnu.org
 8   8  F     irc://chat.freenode.org/oitofelix
 88888  F     xmpp://oitofelix@riseup.net
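
Added example (not part of the original message, and not code from Tramp or tramp-auto-auth): a sketch in Emacs Lisp of the lookup order proposed in the quoted text, where a setting for the target itself wins and the cluster's setting is the fallback, including a shared password stored in auth-source under the cluster name. All `demo-` names and the sample data are hypothetical, and the password lookup assumes the user's configured auth-source backends.

```elisp
;;; -*- lexical-binding: t -*-
;; Added example: every `demo-' name below is hypothetical, not Tramp API.
(require 'cl-lib)
(require 'auth-source)

(defvar demo-clusters
  ;; Constructed sample.  Cluster name, then regexps matched against
  ;; USER@HOST; \\` and \\' anchor the match to the whole string.
  '(("Funny-Machines" "\\`root@10\\.0\\.[0-9]+\\.[0-9]+\\'")))

(defvar demo-settings
  ;; Constructed sample.  Keys are either a USER@HOST or a cluster name.
  '(("root@10.0.0.7" (remote-shell . "/bin/sh"))
    ("Funny-Machines" (remote-shell . "/bin/bash"))))

(defun demo-cluster-of (target)
  "Return the name of the first cluster matching TARGET, or nil."
  (car (cl-find-if
        (lambda (cluster)
          (cl-some (lambda (re) (string-match-p re target))
                   (cdr cluster)))
        demo-clusters)))

(defun demo-resource (target resource)
  "Return RESOURCE for TARGET; fall back to the setting of its cluster."
  (let ((own (assq resource (cdr (assoc target demo-settings))))
        (cluster (demo-cluster-of target)))
    (cond (own (cdr own))
          (cluster
           (cdr (assq resource (cdr (assoc cluster demo-settings))))))))

(defun demo-password (target)
  "Return the auth-source secret for TARGET, else for its cluster, or nil."
  (let* ((parts (split-string target "@"))
         (user (car parts))
         (host (cadr parts)))
    (cl-some
     (lambda (machine)
       (when machine
         (let* ((found (auth-source-search
                        :host machine :user user :max 1))
                (secret (plist-get (car found) :secret)))
           ;; auth-source may wrap the secret in a function.
           (if (functionp secret) (funcall secret) secret))))
     ;; Host-specific entry first, then the cluster's shared entry.
     (list host (demo-cluster-of target)))))
```

The unanchored pattern "root@10\\.0\\." from the quoted declaration would also match a target such as root@10.0.0.7.example.net, so the cluster's shared password would be offered to that host; with the anchored form, `demo-cluster-of` returns nil for it.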