From mboxrd@z Thu Jan 1 00:00:00 1970 From: Danny Milosavljevic Subject: bug#30109: [PATCH] gnu: shishi: Make shishi keys and database administrator-modifiable. Date: Mon, 4 Mar 2019 12:45:59 +0100 Message-ID: <20190304114559.17864-1-dannym@scratchpost.org> References: Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([209.51.188.92]:42778) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h0m3n-0003Xf-W5 for bug-guix@gnu.org; Mon, 04 Mar 2019 06:47:08 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h0m3m-0006q7-UA for bug-guix@gnu.org; Mon, 04 Mar 2019 06:47:07 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:45648) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1h0m3i-0006oy-0j for bug-guix@gnu.org; Mon, 04 Mar 2019 06:47:05 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1h0m3h-0007HJ-TN for bug-guix@gnu.org; Mon, 04 Mar 2019 06:47:01 -0500 In-Reply-To: Sender: "Debbugs-submit" Resent-Message-ID: List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 30109@debbugs.gnu.org Fixes . * gnu/packages/kerberos.scm (shishi)[arguments]<#:configure-flags>: Add --with-key-dir, --with-db-dir. <#:phases>[disable-automatic-key-generation]: New phase. --- gnu/packages/kerberos.scm | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm index 873f5d8a3..9cfe95f4e 100644 --- a/gnu/packages/kerberos.scm +++ b/gnu/packages/kerberos.scm @@ -116,9 +116,19 @@ cryptography.") (build-system gnu-build-system) (arguments '(;; This is required since we patch some of the build scripts. - ;; Remove for the next Shishi release after 1.0.2 or when - ;; removing 'shishi-fix-libgcrypt-detection.patch'. - #:configure-flags '("ac_cv_libgcrypt=yes" "--disable-static"))) + ;; Remove first two items for the next Shishi release after 1.0.2 or + ;; when removing 'shishi-fix-libgcrypt-detection.patch'. + #:configure-flags + '("ac_cv_libgcrypt=yes" "--disable-static" + "--with-key-dir=/etc/shishi" "--with-db-dir=/var/shishi") + #:phases + (modify-phases %standard-phases + (add-after 'configure 'disable-automatic-key-generation + (lambda* (#:key outputs #:allow-other-keys) + (substitute* "Makefile" + (("^install-data-hook:") + "install-data-hook:\nx:\n")) + #t))))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs `(("gnutls" ,gnutls) @@ -132,7 +142,10 @@ cryptography.") (description "GNU Shishi is a free implementation of the Kerberos 5 network security system. It is used to allow non-secure network nodes to communicate in a -secure manner through client-server mutual authentication via tickets.") +secure manner through client-server mutual authentication via tickets. + +After installation, the system administrator should generate keys using +@code{shisa -a /etc/shishi/shishi.keys}.") (license license:gpl3+))) (define-public heimdal