* bug#32855: sshuttle /usr/bin/env
@ 2018-09-27 18:23 Nam Nguyen
2018-09-27 19:11 ` Tobias Geerinckx-Rice
2018-09-27 19:22 ` Nam Nguyen
0 siblings, 2 replies; 9+ messages in thread
From: Nam Nguyen @ 2018-09-27 18:23 UTC (permalink / raw)
To: 32855
sshuttle is a python program that uses /usr/bin/env at line 196 of:
/gnu/store/...-sshuttle-0.78.4/lib/python3.6/site-packages/sshuttle/client.py
['sudo', '-p', '[local sudo] Password: ', '/usr/bin/env',
Trying to run sshuttle on GuixSD results in:
$ sshuttle -r user@server.com 0/0 -x server.com
sudo: /usr/bin/env: command not found
Here is a potential fix that I recycled from sshoot's recipe. I tested it,
and it works.
$ diff ~/.config/guix/current/share/guile/site/2.2/gnu/packages/vpn.scm ~/vpn.scm
349a350,357
> (arguments
> '(#:phases
> (modify-phases %standard-phases
> (add-after 'unpack 'patch-paths
> (lambda _
> (substitute* "sshuttle/client.py"
> (("/usr/bin/env") (which "env")))
> #t)))))
Cheers,
Nam
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-09-27 18:23 bug#32855: sshuttle /usr/bin/env Nam Nguyen
@ 2018-09-27 19:11 ` Tobias Geerinckx-Rice
2018-09-27 19:22 ` Nam Nguyen
1 sibling, 0 replies; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-09-27 19:11 UTC (permalink / raw)
To: Nam Nguyen; +Cc: 32855
Hullo,
Thanks for the report!
Nam Nguyen wrote:
> sshuttle is a python program that uses /usr/bin/env at line 196
> of:
> /gnu/store/...-sshuttle-0.78.4/lib/python3.6/site-packages/sshuttle/client.py
> ['sudo', '-p', '[local sudo] Password: ', '/usr/bin/env',
>
> Trying to run sshuttle on GuixSD results in:
> $ sshuttle -r user@server.com 0/0 -x server.com
> sudo: /usr/bin/env: command not found
This means that sshuttle on vanilla GuixSD has been broken ever
since I added it in 2016, which saddens me. I guess nobody else
uses it or, like me, they happen to also have a /usr/bin/env
symlink.
> Here is a potential fix that I recycled from sshoot's recipe. I
> tested it,
> and it works.
>
> $ diff
> ~/.config/guix/current/share/guile/site/2.2/gnu/packages/vpn.scm
> ~/vpn.scm
> 349a350,357
>> (arguments
>> '(#:phases
>> (modify-phases %standard-phases
>> (add-after 'unpack 'patch-paths
>> (lambda _
>> (substitute* "sshuttle/client.py"
>> (("/usr/bin/env") (which "env")))
>> #t)))))
I'll push this soon. Is it all right if I mention your name &
e-mail in the commit message?
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-09-27 18:23 bug#32855: sshuttle /usr/bin/env Nam Nguyen
2018-09-27 19:11 ` Tobias Geerinckx-Rice
@ 2018-09-27 19:22 ` Nam Nguyen
2018-09-27 22:04 ` Tobias Geerinckx-Rice
1 sibling, 1 reply; 9+ messages in thread
From: Nam Nguyen @ 2018-09-27 19:22 UTC (permalink / raw)
To: 32855
Yes, feel free to mention my name and e-mail. Thank you for your work
packaging it.
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-09-27 19:22 ` Nam Nguyen
@ 2018-09-27 22:04 ` Tobias Geerinckx-Rice
2018-09-29 22:40 ` Nam Nguyen
0 siblings, 1 reply; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-09-27 22:04 UTC (permalink / raw)
To: Nam Nguyen; +Cc: 32855-done
Nam Nguyen wrote:
> Yes, feel free to mention my name and e-mail.
Pushed as 6a6f7488df1794828e1845eaaf2c1c911c8e3e54.
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-09-27 22:04 ` Tobias Geerinckx-Rice
@ 2018-09-29 22:40 ` Nam Nguyen
2018-09-30 11:52 ` Tobias Geerinckx-Rice
0 siblings, 1 reply; 9+ messages in thread
From: Nam Nguyen @ 2018-09-29 22:40 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 32855
Hi Tobias,
After testing, I think the /bin/sh substitution introduced a regression.
Lines in question:
(substitute* "sshuttle/ssh.py"
;; Perhaps this is unreachable, but don't let's take risks.
(("/bin/sh") (which "sh")))
$ sshuttle -r user <at> server.com 0/0 -x server.com
ksh: /gnu/store/rb...-bash-minimal-4.4.19/bin/sh: not found
client: fatal: server died with error code 127
The server I am sshing to is not running GuixSD. It is trying to find
/gnu/store/.../bin/sh but it doesn't exst. My local client is running
GuixSD. The only requirements on the server side should be Python. Should
those lines should be removed? I tested without, and it seems to work okay,
at least for my particular setup: GuixSD client --> non-GuixSD server.
I suppose we have to state the assumptions of whether the client and
server are running Guix or not, and arrive at good defaults.
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-09-29 22:40 ` Nam Nguyen
@ 2018-09-30 11:52 ` Tobias Geerinckx-Rice
2018-09-30 14:45 ` Nam Nguyen
2018-10-06 14:19 ` Marius Bakke
0 siblings, 2 replies; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-09-30 11:52 UTC (permalink / raw)
To: Nam Nguyen; +Cc: 32855
Hullo,
Nam Nguyen wrote:
> Hi Tobias,
>
> After testing, I think the /bin/sh substitution introduced a
> regression.
>
> Lines in question:
> (substitute* "sshuttle/ssh.py"
> ;; Perhaps this is unreachable, but don't let's take risks.
Oh, the irony.
> (("/bin/sh") (which "sh")))
This is just wrong: it calls the client's /gnu/store/.../sh on the
server.
> $ sshuttle -r user <at> server.com 0/0 -x server.com
> ksh: /gnu/store/rb...-bash-minimal-4.4.19/bin/sh: not found
> client: fatal: server died with error code 127
>
> The server I am sshing to is not running GuixSD. It is trying to
> find
> /gnu/store/.../bin/sh but it doesn't exst.
That's a good point (all my remotes run GuixSD, hiding the bug).
> The only requirements on the server side should be Python.
It's all well & good for upstream to say that (they do), but if
they explicitly call /bin/sh on the server then it's just not
true. A POSIX-compliant 'sh' was always an unstated server-side
dependency, and Guix happens to be very good at finding (and
breaking :-) those.
The hard-coded '/bin/' kluge was accepted later¹. Can't fathom
why. If brianmay's last comment is still true they'll accept the
correct 'exec sh' solution too.
Could you check whether replacing '(which "sh")' with '"sh"'
works? It does for me.
> Should those lines should be removed? I tested without, and it
> seems to work okay,
> at least for my particular setup: GuixSD client --> non-GuixSD
> server.
Wouldn't that break [any client -> vanilla GuixSD server] cases?
No denying that this regression needs to be fixed,
though. Apologies for breaking your 'flow.
> I suppose we have to state the assumptions of whether the client
> and
> server are running Guix or not, and arrive at good defaults.
I'd like to avoid such assumptions in general, and entirely on the
Internet.
Kind regards,
T G-R
1. https://github.com/sshuttle/sshuttle/pull/77
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-09-30 11:52 ` Tobias Geerinckx-Rice
@ 2018-09-30 14:45 ` Nam Nguyen
2018-10-06 14:19 ` Marius Bakke
1 sibling, 0 replies; 9+ messages in thread
From: Nam Nguyen @ 2018-09-30 14:45 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 32855
> This is just wrong: it calls the client's /gnu/store/.../sh on the server.
Thanks for identifying the problem. Your solution sounds good.
> Could you check whether replacing '(which "sh")' with '"sh"' works? It does
> for me.
Yes, this works in my testing.
> A POSIX-compliant 'sh' was always an unstated server-side dependency,
> and Guix happens to be very good at finding (and breaking :-) those.
Guix is great, and I am enjoying learning more about it! I suppose these
are the challenges that come with making software portable.
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-09-30 11:52 ` Tobias Geerinckx-Rice
2018-09-30 14:45 ` Nam Nguyen
@ 2018-10-06 14:19 ` Marius Bakke
2018-10-06 14:49 ` Tobias Geerinckx-Rice
1 sibling, 1 reply; 9+ messages in thread
From: Marius Bakke @ 2018-10-06 14:19 UTC (permalink / raw)
To: Tobias Geerinckx-Rice, Nam Nguyen; +Cc: 32855
[-- Attachment #1: Type: text/plain, Size: 347 bytes --]
Tobias Geerinckx-Rice <me@tobias.gr> writes:
>> Should those lines should be removed? I tested without, and it
>> seems to work okay,
>> at least for my particular setup: GuixSD client --> non-GuixSD
>> server.
>
> Wouldn't that break [any client -> vanilla GuixSD server] cases?
Note that /bin/sh is present even on vanilla GuixSD.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* bug#32855: sshuttle /usr/bin/env
2018-10-06 14:19 ` Marius Bakke
@ 2018-10-06 14:49 ` Tobias Geerinckx-Rice
0 siblings, 0 replies; 9+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-10-06 14:49 UTC (permalink / raw)
To: Marius Bakke; +Cc: 32855, Nam Nguyen
Marius,
Marius Bakke wrote:
> Note that /bin/sh is present even on vanilla GuixSD.
Thanks. I should probably give this vanilla GuixSD of which you
speak a try some time :-)
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2018-10-06 14:50 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-09-27 18:23 bug#32855: sshuttle /usr/bin/env Nam Nguyen
2018-09-27 19:11 ` Tobias Geerinckx-Rice
2018-09-27 19:22 ` Nam Nguyen
2018-09-27 22:04 ` Tobias Geerinckx-Rice
2018-09-29 22:40 ` Nam Nguyen
2018-09-30 11:52 ` Tobias Geerinckx-Rice
2018-09-30 14:45 ` Nam Nguyen
2018-10-06 14:19 ` Marius Bakke
2018-10-06 14:49 ` Tobias Geerinckx-Rice
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).