From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id YFVDNL57fmJjAgEAbAwnHQ (envelope-from ) for ; Fri, 13 May 2022 17:39:42 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id eHYoNL57fmKlQAEAauVa8A (envelope-from ) for ; Fri, 13 May 2022 17:39:42 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 6E3A61666B for ; Fri, 13 May 2022 17:39:42 +0200 (CEST) Received: from localhost ([::1]:46242 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1npX9K-0001qY-GH for larch@yhetil.org; Fri, 13 May 2022 11:24:14 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:41398) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1npX98-0001qQ-F5 for bug-guix@gnu.org; Fri, 13 May 2022 11:24:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:50721) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1npX98-0004zd-51 for bug-guix@gnu.org; Fri, 13 May 2022 11:24:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1npX98-0002hb-20 for bug-guix@gnu.org; Fri, 13 May 2022 11:24:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#55335: [PATCH] services: Allow shepherd to listen for IPv6 connections to openssh. Resent-From: Jack Hill Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Fri, 13 May 2022 15:24:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 55335 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Christopher Baines Cc: 55335@debbugs.gnu.org Received: via spool by 55335-submit@debbugs.gnu.org id=B55335.165245540610322 (code B ref 55335); Fri, 13 May 2022 15:24:02 +0000 Received: (at 55335) by debbugs.gnu.org; 13 May 2022 15:23:26 +0000 Received: from localhost ([127.0.0.1]:44618 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1npX8X-0002gQ-Oi for submit@debbugs.gnu.org; Fri, 13 May 2022 11:23:25 -0400 Received: from minsky.hcoop.net ([104.248.1.95]:60326) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1npX8W-0002gC-QS for 55335@debbugs.gnu.org; Fri, 13 May 2022 11:23:25 -0400 Received: from marsh.hcoop.net ([45.55.52.66]) by minsky.hcoop.net with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1npX8R-0007C4-BO; Fri, 13 May 2022 11:23:19 -0400 Date: Fri, 13 May 2022 11:23:18 -0400 (EDT) From: Jack Hill X-X-Sender: jackhill@marsh.hcoop.net In-Reply-To: <20220513142312.21382-1-mail@cbaines.net> Message-ID: References: <87r153q913.fsf@cbaines.net> <20220513142312.21382-1-mail@cbaines.net> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1652456382; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post; bh=A/bR9GDDdAq/AIvqDi9YmpuAul6Dxx6J+q8imwt2tgQ=; b=alFHFPmAX/v/KcpNHwDCeO9PbeGDhA6/+bseo/1RKCAJCTq7oPNSPAfsXOMRcAqs3jI+Ip E/DPupUGwRmmPbB5FuGoCa9lb5ksQi7Uv29zeT/qwpbHP1lut0F7yZzMgQzBMtxTOIyyIX +qZqYEtVvpxzgDh8TL39wdR2imOo3bOQVTMgLspkJWfjn5hKwG/JAxI7Am22WqQuV5ZtOY HJYZA6bTbrnYSGT8SV9cOYRt/0NbdUPYsnM3qAdMs6H6jgACZaec4Uq9m6cQX9ukbQpokf 7pfWhYrGrH66Vl59tE2wVdoWFJSQCdOGl5O78FyQt5IkwL9UrSsi8wqPloTh0Q== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1652456382; a=rsa-sha256; cv=none; b=BkXUkgS0QssryE7y0/+g4Y7ERHn+rkJ/IlknD1D0vO0IvqgVyzaE+h7+NE0OuoV/Wz1e39 imxpCwONDeZGuSaurLpwz6c/rmCyegMl3nLK/RTAdcRxJvdcJml8w0E8ItFrYGKsP3gWVN ShGtGLQcFezxDmNQlOUCqwCMENWZxd9KzZ3s09zmziKnoSPW+rc/bJywDG1pmegzWcVZgw B2iP0f4cbEYfHGfHS7QOBXCFSKX9HR9ipoN3Av1xXzcJrgyzaRYhMoY72wVMOvtENVTj3T K5lVvQ9cgcPKoZpnav2x69p+c+KY5YZu9u5XT0DD/x5YQGiHvo6cOpWCEfdRuw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.03 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 6E3A61666B X-Spam-Score: -3.03 X-Migadu-Scanner: scn1.migadu.com X-TUID: wqrEQjV4J8wT Thanks for looking into this! Does this fix work for you (I assume so)? I tried a simpler patch to use a v6 socket: --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -535,7 +535,7 @@ (define openssh-command (start #~(if (defined? 'make-inetd-constructor) (make-inetd-constructor (append #$openssh-command '("-i")) - (make-socket-address AF_INET INADDR_ANY + (make-socket-address AF_INET6 INADDR_ANY #$port-number) #:max-connections #$max-connections) (make-forkexec-constructor #$openssh-command and that does indeed produce a v6 socket that also accepts v4 connection. The output of `ss -tulpen`: tcp LISTEN 0 10 *:22 *:* users:(("shepherd",pid=1,fd=29)) ino:1522146 sk:2001 cgroup:/ v6only:0 <-> However, while ssh is now able to connect to the socket, something is going wrong in the handoff to sshd. I see the following message printed on the console when trying to connect: Uncaught exception in task: In fibers.scm: 150:8 4 (_) In shepherd/service.scm: 1435:21 3 (_) 1280:30 2 (socket-address->string #(10 # 37896 0 0)) In unknown file: 1 (inet-ntop 2 42540578165178177408896616697074944157) In ice-9/boot-9.scm: 1685:16 0 (raise-exception _ #:continualbe? _) ice-9/boot-9.scm:1685:16: In procecure raise-exception: Value our of range 0 to 18446744073709551615: 42540578165178177408896616697074944157 Best, Jack