From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Danny Milosavljevic <dannym@scratchpost.org>
Cc: 30109@debbugs.gnu.org
Subject: bug#30109: [PATCH] gnu: shishi: Make shishi keys and database administrator-modifiable.
Date: Thu, 18 Apr 2019 19:06:38 -0400 [thread overview]
Message-ID: <874l6uud4x.fsf@gmail.com> (raw)
In-Reply-To: <20190304114559.17864-1-dannym@scratchpost.org> (Danny Milosavljevic's message of "Mon, 4 Mar 2019 12:45:59 +0100")
Hello Danny!
Danny Milosavljevic <dannym@scratchpost.org> writes:
> Fixes <https://bugs.gnu.org/30109>.
>
> * gnu/packages/kerberos.scm (shishi)[arguments]<#:configure-flags>:
> Add --with-key-dir, --with-db-dir.
> <#:phases>[disable-automatic-key-generation]: New phase.
> ---
> gnu/packages/kerberos.scm | 21 +++++++++++++++++----
> 1 file changed, 17 insertions(+), 4 deletions(-)
>
> diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
> index 873f5d8a3..9cfe95f4e 100644
> --- a/gnu/packages/kerberos.scm
> +++ b/gnu/packages/kerberos.scm
> @@ -116,9 +116,19 @@ cryptography.")
> (build-system gnu-build-system)
> (arguments
> '(;; This is required since we patch some of the build scripts.
> - ;; Remove for the next Shishi release after 1.0.2 or when
> - ;; removing 'shishi-fix-libgcrypt-detection.patch'.
> - #:configure-flags '("ac_cv_libgcrypt=yes" "--disable-static")))
> + ;; Remove first two items for the next Shishi release after 1.0.2 or
> + ;; when removing 'shishi-fix-libgcrypt-detection.patch'.
> + #:configure-flags
> + '("ac_cv_libgcrypt=yes" "--disable-static"
> + "--with-key-dir=/etc/shishi" "--with-db-dir=/var/shishi")
> + #:phases
> + (modify-phases %standard-phases
> + (add-after 'configure 'disable-automatic-key-generation
> + (lambda* (#:key outputs #:allow-other-keys)
> + (substitute* "Makefile"
> + (("^install-data-hook:")
> + "install-data-hook:\nx:\n"))
> + #t)))))
> (native-inputs `(("pkg-config" ,pkg-config)))
> (inputs
> `(("gnutls" ,gnutls)
> @@ -132,7 +142,10 @@ cryptography.")
> (description
> "GNU Shishi is a free implementation of the Kerberos 5 network security
> system. It is used to allow non-secure network nodes to communicate in a
> -secure manner through client-server mutual authentication via tickets.")
> +secure manner through client-server mutual authentication via tickets.
> +
> +After installation, the system administrator should generate keys using
> +@code{shisa -a /etc/shishi/shishi.keys}.")
> (license license:gpl3+)))
>
> (define-public heimdal
I've applied and tried your proposed fix, and it made shishi
reproducible; so LGTM! Could you apply your fix to core-updates?
Thank you!
Maxim
next prev parent reply other threads:[~2019-04-18 23:07 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-14 11:29 bug#30109: [core-updates] shishi 1.0.2 not reproducible Gábor Boskovits
2019-03-04 11:45 ` bug#30109: [PATCH] gnu: shishi: Make shishi keys and database administrator-modifiable Danny Milosavljevic
2019-04-18 23:06 ` Maxim Cournoyer [this message]
2019-04-20 15:19 ` Danny Milosavljevic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874l6uud4x.fsf@gmail.com \
--to=maxim.cournoyer@gmail.com \
--cc=30109@debbugs.gnu.org \
--cc=dannym@scratchpost.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).