* [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)
@ 2016-07-04 20:56 David Craven
2016-07-05 6:01 ` Efraim Flashner
0 siblings, 1 reply; 9+ messages in thread
From: David Craven @ 2016-07-04 20:56 UTC (permalink / raw)
To: guix-devel; +Cc: David Craven
* gnu/packages/lsh.scm: Remove. Move 'lsh and liboop' to...
* gnu/packages/ssh.scm (liboop, lsh): ... here. New variables.
* gnu/services/ssh.scm: Adjust accordingly.
---
gnu/packages/lsh.scm | 159 ---------------------------------------------------
gnu/packages/ssh.scm | 157 ++++++++++++++++++++++++++++++++++++++++++++++----
gnu/services/ssh.scm | 2 +-
3 files changed, 146 insertions(+), 172 deletions(-)
delete mode 100644 gnu/packages/lsh.scm
diff --git a/gnu/packages/lsh.scm b/gnu/packages/lsh.scm
deleted file mode 100644
index 2ea1591..0000000
--- a/gnu/packages/lsh.scm
+++ /dev/null
@@ -1,159 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (gnu packages lsh)
- #:use-module ((guix licenses) #:prefix license:)
- #:use-module (guix packages)
- #:use-module (guix download)
- #:use-module (guix build-system gnu)
- #:use-module (gnu packages)
- #:use-module (gnu packages m4)
- #:use-module (gnu packages linux)
- #:use-module (gnu packages nettle)
- #:use-module (gnu packages compression)
- #:use-module (gnu packages multiprecision)
- #:use-module (gnu packages readline)
- #:use-module (gnu packages gperf)
- #:use-module (gnu packages guile)
- #:use-module (gnu packages xorg))
-
-(define-public liboop
- (package
- (name "liboop")
- (version "1.0")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "http://download.ofb.net/liboop/liboop-"
- version ".tar.gz"))
- (sha256
- (base32
- "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
- (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
- (build-system gnu-build-system)
- (home-page "http://www.lysator.liu.se/liboop/")
- (synopsis "Event loop library")
- (description "Liboop is a low-level event loop management library for
-POSIX-based operating systems. It supports the development of modular,
-multiplexed applications which may respond to events from several sources. It
-replaces the \"select() loop\" and allows the registration of event handlers
-for file and network I/O, timers and signals. Since processes use these
-mechanisms for almost all external communication, liboop can be used as the
-basis for almost any application.")
- (license license:lgpl2.1+)))
-
-(define-public lsh
- (package
- (name "lsh")
- (version "2.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/lsh/lsh-"
- version ".tar.gz"))
- (sha256
- (base32
- "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- (substitute* "src/testsuite/functions.sh"
- (("localhost")
- ;; Avoid host name lookups since they don't work in
- ;; chroot builds.
- "127.0.0.1")
- (("set -e")
- ;; Make tests more verbose.
- "set -e\nset -x"))
-
- (substitute* (find-files "src/testsuite" "-test$")
- (("localhost") "127.0.0.1"))
-
- (substitute* "src/testsuite/login-auth-test"
- (("/bin/cat") "cat"))))))
- (build-system gnu-build-system)
- (native-inputs
- `(("m4" ,m4)
- ("guile" ,guile-2.0)
- ("gperf" ,gperf)
- ("psmisc" ,psmisc))) ; for `killall'
- (inputs
- `(("nettle" ,nettle-2)
- ("linux-pam" ,linux-pam)
-
- ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
- ;; Readline 6.3.
- ("readline" ,readline-6.2)
-
- ("liboop" ,liboop)
- ("zlib" ,zlib)
- ("gmp" ,gmp)
-
- ;; The server (lshd) invokes xauth when X11 forwarding is requested.
- ;; This adds 24 MiB (or 27%) to the closure of lsh.
- ("xauth" ,xauth)))
- (arguments
- '(;; Skip the `configure' test that checks whether /dev/ptmx &
- ;; co. work as expected, because it relies on impurities (for
- ;; instance, /dev/pts may be unavailable in chroots.)
- #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
-
- ;; FIXME: Tests won't run in a chroot, presumably because
- ;; /etc/profile is missing, and thus clients get an empty $PATH
- ;; and nothing works.
- #:tests? #f
-
- #:phases
- (modify-phases %standard-phases
- (add-before 'configure 'pre-configure
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((nettle (assoc-ref inputs "nettle"))
- (sexp-conv (string-append nettle "/bin/sexp-conv")))
- ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
- ;; by default.
- (substitute* "src/environ.h.in"
- (("^#define PATH_SEXP_CONV.*")
- (string-append "#define PATH_SEXP_CONV \""
- sexp-conv "\"\n")))
-
- ;; Same for the 'lsh-authorize' script.
- (substitute* "src/lsh-authorize"
- (("=sexp-conv")
- (string-append "=" sexp-conv)))
-
- ;; Tell lshd where 'xauth' lives. Another option would be to
- ;; hardcode "/run/current-system/profile/bin/xauth", thereby
- ;; reducing the closure size, but that wouldn't work on foreign
- ;; distros.
- (with-fluids ((%default-port-encoding "ISO-8859-1"))
- (substitute* "src/server_x11.c"
- (("define XAUTH_PROGRAM.*")
- (string-append "define XAUTH_PROGRAM \""
- (assoc-ref inputs "xauth")
- "/bin/xauth\"\n")))))
-
- ;; Tests rely on $USER being set.
- (setenv "USER" "guix"))))))
- (home-page "http://www.lysator.liu.se/~nisse/lsh/")
- (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
- (description
- "GNU lsh is a free implementation of the SSH version 2 protocol. It is
-used to create a secure line of communication between two computers,
-providing shell access to the server system from the client. It provides
-both the server daemon and the client application, as well as tools for
-manipulating key files.")
- (license license:gpl2+)))
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index b8f107b..f764ab9 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -20,27 +20,34 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages ssh)
- #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:autoload (gnu packages boost) (boost)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages elf)
#:use-module (gnu packages gnupg)
+ #:use-module (gnu packages gperf)
#:use-module (gnu packages groff)
- #:use-module (gnu packages elf)
#:use-module (gnu packages guile)
- #:use-module (gnu packages pkg-config)
- #:use-module (gnu packages autotools)
- #:use-module (gnu packages texinfo)
- #:use-module (gnu packages perl)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages multiprecision)
#:use-module (gnu packages ncurses)
+ #:use-module (gnu packages nettle)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
#:autoload (gnu packages protobuf) (protobuf)
- #:autoload (gnu packages boost) (boost)
- #:use-module (gnu packages base)
+ #:use-module (gnu packages readline)
+ #:use-module (gnu packages texinfo)
#:use-module (gnu packages tls)
- #:use-module (gnu packages)
- #:use-module (guix packages)
+ #:use-module (gnu packages xorg)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
#:use-module (guix download)
#:use-module (guix git-download)
- #:use-module (guix build-system gnu)
- #:use-module (guix build-system cmake))
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages))
(define-public libssh
(package
@@ -355,3 +362,129 @@ client. It runs on a variety of POSIX-based platforms. Dropbear is
particularly useful for embedded systems, such as wireless routers.")
(home-page "https://matt.ucc.asn.au/dropbear/dropbear.html")
(license (license:x11-style "" "See file LICENSE."))))
+
+(define-public liboop
+ (package
+ (name "liboop")
+ (version "1.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://download.ofb.net/liboop/liboop-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
+ (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
+ (build-system gnu-build-system)
+ (home-page "http://www.lysator.liu.se/liboop/")
+ (synopsis "Event loop library")
+ (description "Liboop is a low-level event loop management library for
+POSIX-based operating systems. It supports the development of modular,
+multiplexed applications which may respond to events from several sources. It
+replaces the \"select() loop\" and allows the registration of event handlers
+for file and network I/O, timers and signals. Since processes use these
+mechanisms for almost all external communication, liboop can be used as the
+basis for almost any application.")
+ (license license:lgpl2.1+)))
+
+(define-public lsh
+ (package
+ (name "lsh")
+ (version "2.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/lsh/lsh-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ (substitute* "src/testsuite/functions.sh"
+ (("localhost")
+ ;; Avoid host name lookups since they don't work in
+ ;; chroot builds.
+ "127.0.0.1")
+ (("set -e")
+ ;; Make tests more verbose.
+ "set -e\nset -x"))
+
+ (substitute* (find-files "src/testsuite" "-test$")
+ (("localhost") "127.0.0.1"))
+
+ (substitute* "src/testsuite/login-auth-test"
+ (("/bin/cat") "cat"))))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("m4" ,m4)
+ ("guile" ,guile-2.0)
+ ("gperf" ,gperf)
+ ("psmisc" ,psmisc))) ; for `killall'
+ (inputs
+ `(("nettle" ,nettle-2)
+ ("linux-pam" ,linux-pam)
+
+ ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
+ ;; Readline 6.3.
+ ("readline" ,readline-6.2)
+
+ ("liboop" ,liboop)
+ ("zlib" ,zlib)
+ ("gmp" ,gmp)
+
+ ;; The server (lshd) invokes xauth when X11 forwarding is requested.
+ ;; This adds 24 MiB (or 27%) to the closure of lsh.
+ ("xauth" ,xauth)))
+ (arguments
+ '(;; Skip the `configure' test that checks whether /dev/ptmx &
+ ;; co. work as expected, because it relies on impurities (for
+ ;; instance, /dev/pts may be unavailable in chroots.)
+ #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
+
+ ;; FIXME: Tests won't run in a chroot, presumably because
+ ;; /etc/profile is missing, and thus clients get an empty $PATH
+ ;; and nothing works.
+ #:tests? #f
+
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'pre-configure
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((nettle (assoc-ref inputs "nettle"))
+ (sexp-conv (string-append nettle "/bin/sexp-conv")))
+ ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
+ ;; by default.
+ (substitute* "src/environ.h.in"
+ (("^#define PATH_SEXP_CONV.*")
+ (string-append "#define PATH_SEXP_CONV \""
+ sexp-conv "\"\n")))
+
+ ;; Same for the 'lsh-authorize' script.
+ (substitute* "src/lsh-authorize"
+ (("=sexp-conv")
+ (string-append "=" sexp-conv)))
+
+ ;; Tell lshd where 'xauth' lives. Another option would be to
+ ;; hardcode "/run/current-system/profile/bin/xauth", thereby
+ ;; reducing the closure size, but that wouldn't work on foreign
+ ;; distros.
+ (with-fluids ((%default-port-encoding "ISO-8859-1"))
+ (substitute* "src/server_x11.c"
+ (("define XAUTH_PROGRAM.*")
+ (string-append "define XAUTH_PROGRAM \""
+ (assoc-ref inputs "xauth")
+ "/bin/xauth\"\n")))))
+
+ ;; Tests rely on $USER being set.
+ (setenv "USER" "guix"))))))
+ (home-page "http://www.lysator.liu.se/~nisse/lsh/")
+ (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
+ (description
+ "GNU lsh is a free implementation of the SSH version 2 protocol. It is
+used to create a secure line of communication between two computers,
+providing shell access to the server system from the client. It provides
+both the server daemon and the client application, as well as tools for
+manipulating key files.")
+ (license license:gpl2+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 33e1951..1eb9382 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -22,7 +22,7 @@
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system pam)
- #:use-module (gnu packages lsh)
+ #:use-module (gnu packages ssh)
#:use-module (srfi srfi-26)
#:export (lsh-service))
--
2.9.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)
2016-07-04 20:56 [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) David Craven
@ 2016-07-05 6:01 ` Efraim Flashner
2016-07-05 6:24 ` Efraim Flashner
0 siblings, 1 reply; 9+ messages in thread
From: Efraim Flashner @ 2016-07-05 6:01 UTC (permalink / raw)
To: David Craven; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 816 bytes --]
On Mon, Jul 04, 2016 at 10:56:15PM +0200, David Craven wrote:
> * gnu/packages/lsh.scm: Remove. Move 'lsh and liboop' to...
> * gnu/packages/ssh.scm (liboop, lsh): ... here. New variables.
> * gnu/services/ssh.scm: Adjust accordingly.
> ---
> gnu/packages/lsh.scm | 159 ---------------------------------------------------
> gnu/packages/ssh.scm | 157 ++++++++++++++++++++++++++++++++++++++++++++++----
> gnu/services/ssh.scm | 2 +-
it also needs to be removed from gnu/local.mk
> 3 files changed, 146 insertions(+), 172 deletions(-)
> delete mode 100644 gnu/packages/lsh.scm
>
--
Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)
2016-07-05 6:01 ` Efraim Flashner
@ 2016-07-05 6:24 ` Efraim Flashner
2016-07-05 11:47 ` David Craven
0 siblings, 1 reply; 9+ messages in thread
From: Efraim Flashner @ 2016-07-05 6:24 UTC (permalink / raw)
To: David Craven; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 1023 bytes --]
On Tue, Jul 05, 2016 at 09:01:57AM +0300, Efraim Flashner wrote:
> On Mon, Jul 04, 2016 at 10:56:15PM +0200, David Craven wrote:
> > * gnu/packages/lsh.scm: Remove. Move 'lsh and liboop' to...
> > * gnu/packages/ssh.scm (liboop, lsh): ... here. New variables.
> > * gnu/services/ssh.scm: Adjust accordingly.
> > ---
> > gnu/packages/lsh.scm | 159 ---------------------------------------------------
> > gnu/packages/ssh.scm | 157 ++++++++++++++++++++++++++++++++++++++++++++++----
> > gnu/services/ssh.scm | 2 +-
>
> it also needs to be removed from gnu/local.mk
>
> > 3 files changed, 146 insertions(+), 172 deletions(-)
> > delete mode 100644 gnu/packages/lsh.scm
> >
>
I seem to have deleted my second comment by mistake, don't forget to
transfer over Ludo's copyright line
--
Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)
2016-07-05 6:24 ` Efraim Flashner
@ 2016-07-05 11:47 ` David Craven
0 siblings, 0 replies; 9+ messages in thread
From: David Craven @ 2016-07-05 11:47 UTC (permalink / raw)
To: guix-devel; +Cc: David Craven
* gnu/packages/lsh.scm: Remove. Move 'lsh and liboop' to...
* gnu/packages/ssh.scm (liboop, lsh): ... here. New variables.
* gnu/services/ssh.scm: Adjust accordingly.
* gnu/local.mk: Adjust accordingly.
---
gnu/local.mk | 1 -
gnu/packages/lsh.scm | 159 ---------------------------------------------------
gnu/packages/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++----
gnu/services/ssh.scm | 2 +-
4 files changed, 147 insertions(+), 173 deletions(-)
delete mode 100644 gnu/packages/lsh.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index 3a0d5c2..f396c6a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -215,7 +215,6 @@ GNU_SYSTEM_MODULES = \
%D%/packages/llvm.scm \
%D%/packages/lout.scm \
%D%/packages/logging.scm \
- %D%/packages/lsh.scm \
%D%/packages/lsof.scm \
%D%/packages/lua.scm \
%D%/packages/lxde.scm \
diff --git a/gnu/packages/lsh.scm b/gnu/packages/lsh.scm
deleted file mode 100644
index 2ea1591..0000000
--- a/gnu/packages/lsh.scm
+++ /dev/null
@@ -1,159 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (gnu packages lsh)
- #:use-module ((guix licenses) #:prefix license:)
- #:use-module (guix packages)
- #:use-module (guix download)
- #:use-module (guix build-system gnu)
- #:use-module (gnu packages)
- #:use-module (gnu packages m4)
- #:use-module (gnu packages linux)
- #:use-module (gnu packages nettle)
- #:use-module (gnu packages compression)
- #:use-module (gnu packages multiprecision)
- #:use-module (gnu packages readline)
- #:use-module (gnu packages gperf)
- #:use-module (gnu packages guile)
- #:use-module (gnu packages xorg))
-
-(define-public liboop
- (package
- (name "liboop")
- (version "1.0")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "http://download.ofb.net/liboop/liboop-"
- version ".tar.gz"))
- (sha256
- (base32
- "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
- (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
- (build-system gnu-build-system)
- (home-page "http://www.lysator.liu.se/liboop/")
- (synopsis "Event loop library")
- (description "Liboop is a low-level event loop management library for
-POSIX-based operating systems. It supports the development of modular,
-multiplexed applications which may respond to events from several sources. It
-replaces the \"select() loop\" and allows the registration of event handlers
-for file and network I/O, timers and signals. Since processes use these
-mechanisms for almost all external communication, liboop can be used as the
-basis for almost any application.")
- (license license:lgpl2.1+)))
-
-(define-public lsh
- (package
- (name "lsh")
- (version "2.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/lsh/lsh-"
- version ".tar.gz"))
- (sha256
- (base32
- "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- (substitute* "src/testsuite/functions.sh"
- (("localhost")
- ;; Avoid host name lookups since they don't work in
- ;; chroot builds.
- "127.0.0.1")
- (("set -e")
- ;; Make tests more verbose.
- "set -e\nset -x"))
-
- (substitute* (find-files "src/testsuite" "-test$")
- (("localhost") "127.0.0.1"))
-
- (substitute* "src/testsuite/login-auth-test"
- (("/bin/cat") "cat"))))))
- (build-system gnu-build-system)
- (native-inputs
- `(("m4" ,m4)
- ("guile" ,guile-2.0)
- ("gperf" ,gperf)
- ("psmisc" ,psmisc))) ; for `killall'
- (inputs
- `(("nettle" ,nettle-2)
- ("linux-pam" ,linux-pam)
-
- ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
- ;; Readline 6.3.
- ("readline" ,readline-6.2)
-
- ("liboop" ,liboop)
- ("zlib" ,zlib)
- ("gmp" ,gmp)
-
- ;; The server (lshd) invokes xauth when X11 forwarding is requested.
- ;; This adds 24 MiB (or 27%) to the closure of lsh.
- ("xauth" ,xauth)))
- (arguments
- '(;; Skip the `configure' test that checks whether /dev/ptmx &
- ;; co. work as expected, because it relies on impurities (for
- ;; instance, /dev/pts may be unavailable in chroots.)
- #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
-
- ;; FIXME: Tests won't run in a chroot, presumably because
- ;; /etc/profile is missing, and thus clients get an empty $PATH
- ;; and nothing works.
- #:tests? #f
-
- #:phases
- (modify-phases %standard-phases
- (add-before 'configure 'pre-configure
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((nettle (assoc-ref inputs "nettle"))
- (sexp-conv (string-append nettle "/bin/sexp-conv")))
- ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
- ;; by default.
- (substitute* "src/environ.h.in"
- (("^#define PATH_SEXP_CONV.*")
- (string-append "#define PATH_SEXP_CONV \""
- sexp-conv "\"\n")))
-
- ;; Same for the 'lsh-authorize' script.
- (substitute* "src/lsh-authorize"
- (("=sexp-conv")
- (string-append "=" sexp-conv)))
-
- ;; Tell lshd where 'xauth' lives. Another option would be to
- ;; hardcode "/run/current-system/profile/bin/xauth", thereby
- ;; reducing the closure size, but that wouldn't work on foreign
- ;; distros.
- (with-fluids ((%default-port-encoding "ISO-8859-1"))
- (substitute* "src/server_x11.c"
- (("define XAUTH_PROGRAM.*")
- (string-append "define XAUTH_PROGRAM \""
- (assoc-ref inputs "xauth")
- "/bin/xauth\"\n")))))
-
- ;; Tests rely on $USER being set.
- (setenv "USER" "guix"))))))
- (home-page "http://www.lysator.liu.se/~nisse/lsh/")
- (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
- (description
- "GNU lsh is a free implementation of the SSH version 2 protocol. It is
-used to create a secure line of communication between two computers,
-providing shell access to the server system from the client. It provides
-both the server daemon and the client application, as well as tools for
-manipulating key files.")
- (license license:gpl2+)))
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index b8f107b..9fee304 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -1,4 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
@@ -20,27 +21,34 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages ssh)
- #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:autoload (gnu packages boost) (boost)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages elf)
#:use-module (gnu packages gnupg)
+ #:use-module (gnu packages gperf)
#:use-module (gnu packages groff)
- #:use-module (gnu packages elf)
#:use-module (gnu packages guile)
- #:use-module (gnu packages pkg-config)
- #:use-module (gnu packages autotools)
- #:use-module (gnu packages texinfo)
- #:use-module (gnu packages perl)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages multiprecision)
#:use-module (gnu packages ncurses)
+ #:use-module (gnu packages nettle)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
#:autoload (gnu packages protobuf) (protobuf)
- #:autoload (gnu packages boost) (boost)
- #:use-module (gnu packages base)
+ #:use-module (gnu packages readline)
+ #:use-module (gnu packages texinfo)
#:use-module (gnu packages tls)
- #:use-module (gnu packages)
- #:use-module (guix packages)
+ #:use-module (gnu packages xorg)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
#:use-module (guix download)
#:use-module (guix git-download)
- #:use-module (guix build-system gnu)
- #:use-module (guix build-system cmake))
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages))
(define-public libssh
(package
@@ -355,3 +363,129 @@ client. It runs on a variety of POSIX-based platforms. Dropbear is
particularly useful for embedded systems, such as wireless routers.")
(home-page "https://matt.ucc.asn.au/dropbear/dropbear.html")
(license (license:x11-style "" "See file LICENSE."))))
+
+(define-public liboop
+ (package
+ (name "liboop")
+ (version "1.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://download.ofb.net/liboop/liboop-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
+ (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
+ (build-system gnu-build-system)
+ (home-page "http://www.lysator.liu.se/liboop/")
+ (synopsis "Event loop library")
+ (description "Liboop is a low-level event loop management library for
+POSIX-based operating systems. It supports the development of modular,
+multiplexed applications which may respond to events from several sources. It
+replaces the \"select() loop\" and allows the registration of event handlers
+for file and network I/O, timers and signals. Since processes use these
+mechanisms for almost all external communication, liboop can be used as the
+basis for almost any application.")
+ (license license:lgpl2.1+)))
+
+(define-public lsh
+ (package
+ (name "lsh")
+ (version "2.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/lsh/lsh-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ (substitute* "src/testsuite/functions.sh"
+ (("localhost")
+ ;; Avoid host name lookups since they don't work in
+ ;; chroot builds.
+ "127.0.0.1")
+ (("set -e")
+ ;; Make tests more verbose.
+ "set -e\nset -x"))
+
+ (substitute* (find-files "src/testsuite" "-test$")
+ (("localhost") "127.0.0.1"))
+
+ (substitute* "src/testsuite/login-auth-test"
+ (("/bin/cat") "cat"))))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("m4" ,m4)
+ ("guile" ,guile-2.0)
+ ("gperf" ,gperf)
+ ("psmisc" ,psmisc))) ; for `killall'
+ (inputs
+ `(("nettle" ,nettle-2)
+ ("linux-pam" ,linux-pam)
+
+ ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
+ ;; Readline 6.3.
+ ("readline" ,readline-6.2)
+
+ ("liboop" ,liboop)
+ ("zlib" ,zlib)
+ ("gmp" ,gmp)
+
+ ;; The server (lshd) invokes xauth when X11 forwarding is requested.
+ ;; This adds 24 MiB (or 27%) to the closure of lsh.
+ ("xauth" ,xauth)))
+ (arguments
+ '(;; Skip the `configure' test that checks whether /dev/ptmx &
+ ;; co. work as expected, because it relies on impurities (for
+ ;; instance, /dev/pts may be unavailable in chroots.)
+ #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
+
+ ;; FIXME: Tests won't run in a chroot, presumably because
+ ;; /etc/profile is missing, and thus clients get an empty $PATH
+ ;; and nothing works.
+ #:tests? #f
+
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'pre-configure
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((nettle (assoc-ref inputs "nettle"))
+ (sexp-conv (string-append nettle "/bin/sexp-conv")))
+ ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
+ ;; by default.
+ (substitute* "src/environ.h.in"
+ (("^#define PATH_SEXP_CONV.*")
+ (string-append "#define PATH_SEXP_CONV \""
+ sexp-conv "\"\n")))
+
+ ;; Same for the 'lsh-authorize' script.
+ (substitute* "src/lsh-authorize"
+ (("=sexp-conv")
+ (string-append "=" sexp-conv)))
+
+ ;; Tell lshd where 'xauth' lives. Another option would be to
+ ;; hardcode "/run/current-system/profile/bin/xauth", thereby
+ ;; reducing the closure size, but that wouldn't work on foreign
+ ;; distros.
+ (with-fluids ((%default-port-encoding "ISO-8859-1"))
+ (substitute* "src/server_x11.c"
+ (("define XAUTH_PROGRAM.*")
+ (string-append "define XAUTH_PROGRAM \""
+ (assoc-ref inputs "xauth")
+ "/bin/xauth\"\n")))))
+
+ ;; Tests rely on $USER being set.
+ (setenv "USER" "guix"))))))
+ (home-page "http://www.lysator.liu.se/~nisse/lsh/")
+ (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
+ (description
+ "GNU lsh is a free implementation of the SSH version 2 protocol. It is
+used to create a secure line of communication between two computers,
+providing shell access to the server system from the client. It provides
+both the server daemon and the client application, as well as tools for
+manipulating key files.")
+ (license license:gpl2+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 33e1951..1eb9382 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -22,7 +22,7 @@
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system pam)
- #:use-module (gnu packages lsh)
+ #:use-module (gnu packages ssh)
#:use-module (srfi srfi-26)
#:export (lsh-service))
--
2.9.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 0/2] Dropbear service take two.
@ 2016-07-13 16:13 David Craven
2016-07-13 16:13 ` [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) David Craven
2016-07-13 16:13 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
0 siblings, 2 replies; 9+ messages in thread
From: David Craven @ 2016-07-13 16:13 UTC (permalink / raw)
To: guix-devel; +Cc: David Craven
Changes from previous version:
* Service initialization is reduced to just creating the "/etc/dropbear"
directory.
* The initialize and host-key options are removed.
* The -R flag has been added to dropbear.
Example service file:
```scheme
(use-modules (gnu))
(use-service-modules base networking ssh)
(operating-system
(host-name "test")
(timezone "Europe/Zurich")
(locale "en_US.UTF-8")
(bootloader (grub-configuration (device "/dev/vda")))
(file-systems (cons
(file-system
(device "/dev/vda1")
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users (cons
(user-account
(name "test")
(group "users")
(supplementary-groups '("wheel"))
(home-directory "/home/test")
(password "sa5JEXtYx/rm6")) ;; password pass
%base-user-accounts))
(packages %base-packages)
(services (cons*
(dhcp-client-service)
(dropbear-service
#:port-number 22
#:allow-empty-passwords? #t
#:root-login? #t
#:syslog-output? #t
#:pid-file "/var/run/dropbear.pid"
#:password-authentication? #t)
(rngd-service)
%base-services)))
```
Additional information:
This patch is needed, just adding -net user,hostfwd=tcp::10022-:22 at the end
didn't work for me.
```diff
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 676e89d..68aab5d 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -468,7 +468,7 @@ with '-virtfs' options for the host file systems listed in SHARED-FS."
"")
" -no-reboot -net nic,model=virtio \
" #$@(map virtfs-option shared-fs) " \
- -net user \
+ -net user,hostfwd=tcp::10022-:22 \
-vga std \
-drive file=" #$image
",if=virtio,cache=writeback,werror=report,readonly \
```
You can use this command to connect to dropbear:
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no test@localhost -p 10022
I'm currently having an issue with all guix operations after commit 4ee96a7 but I
tested it with previous commits. I'm assuming that the problem is related to nixos
and that it shouldn't affect people using guixsd.
David Craven (2):
gnu: lsh: Move to (gnu packages ssh)
services: Add 'dropbear-service'.
doc/guix.texi | 18 +++++-
gnu/local.mk | 1 -
gnu/packages/lsh.scm | 159 ---------------------------------------------------
gnu/packages/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++----
gnu/services/ssh.scm | 83 +++++++++++++++++++++++++--
5 files changed, 242 insertions(+), 177 deletions(-)
delete mode 100644 gnu/packages/lsh.scm
--
2.9.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)
2016-07-13 16:13 [PATCH 0/2] Dropbear service take two David Craven
@ 2016-07-13 16:13 ` David Craven
2016-07-15 15:13 ` Ludovic Courtès
2016-07-13 16:13 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
1 sibling, 1 reply; 9+ messages in thread
From: David Craven @ 2016-07-13 16:13 UTC (permalink / raw)
To: guix-devel; +Cc: David Craven
* gnu/packages/lsh.scm: Remove. Move 'lsh and liboop' to...
* gnu/packages/ssh.scm (liboop, lsh): ... here. New variables.
* gnu/services/ssh.scm: Adjust accordingly.
* gnu/local.mk: Adjust accordingly.
---
gnu/local.mk | 1 -
gnu/packages/lsh.scm | 159 ---------------------------------------------------
gnu/packages/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++----
gnu/services/ssh.scm | 2 +-
4 files changed, 147 insertions(+), 173 deletions(-)
delete mode 100644 gnu/packages/lsh.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index d011844..71409b9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -215,7 +215,6 @@ GNU_SYSTEM_MODULES = \
%D%/packages/llvm.scm \
%D%/packages/lout.scm \
%D%/packages/logging.scm \
- %D%/packages/lsh.scm \
%D%/packages/lsof.scm \
%D%/packages/lua.scm \
%D%/packages/lxde.scm \
diff --git a/gnu/packages/lsh.scm b/gnu/packages/lsh.scm
deleted file mode 100644
index 2ea1591..0000000
--- a/gnu/packages/lsh.scm
+++ /dev/null
@@ -1,159 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (gnu packages lsh)
- #:use-module ((guix licenses) #:prefix license:)
- #:use-module (guix packages)
- #:use-module (guix download)
- #:use-module (guix build-system gnu)
- #:use-module (gnu packages)
- #:use-module (gnu packages m4)
- #:use-module (gnu packages linux)
- #:use-module (gnu packages nettle)
- #:use-module (gnu packages compression)
- #:use-module (gnu packages multiprecision)
- #:use-module (gnu packages readline)
- #:use-module (gnu packages gperf)
- #:use-module (gnu packages guile)
- #:use-module (gnu packages xorg))
-
-(define-public liboop
- (package
- (name "liboop")
- (version "1.0")
- (source
- (origin
- (method url-fetch)
- (uri (string-append "http://download.ofb.net/liboop/liboop-"
- version ".tar.gz"))
- (sha256
- (base32
- "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
- (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
- (build-system gnu-build-system)
- (home-page "http://www.lysator.liu.se/liboop/")
- (synopsis "Event loop library")
- (description "Liboop is a low-level event loop management library for
-POSIX-based operating systems. It supports the development of modular,
-multiplexed applications which may respond to events from several sources. It
-replaces the \"select() loop\" and allows the registration of event handlers
-for file and network I/O, timers and signals. Since processes use these
-mechanisms for almost all external communication, liboop can be used as the
-basis for almost any application.")
- (license license:lgpl2.1+)))
-
-(define-public lsh
- (package
- (name "lsh")
- (version "2.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "mirror://gnu/lsh/lsh-"
- version ".tar.gz"))
- (sha256
- (base32
- "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- (substitute* "src/testsuite/functions.sh"
- (("localhost")
- ;; Avoid host name lookups since they don't work in
- ;; chroot builds.
- "127.0.0.1")
- (("set -e")
- ;; Make tests more verbose.
- "set -e\nset -x"))
-
- (substitute* (find-files "src/testsuite" "-test$")
- (("localhost") "127.0.0.1"))
-
- (substitute* "src/testsuite/login-auth-test"
- (("/bin/cat") "cat"))))))
- (build-system gnu-build-system)
- (native-inputs
- `(("m4" ,m4)
- ("guile" ,guile-2.0)
- ("gperf" ,gperf)
- ("psmisc" ,psmisc))) ; for `killall'
- (inputs
- `(("nettle" ,nettle-2)
- ("linux-pam" ,linux-pam)
-
- ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
- ;; Readline 6.3.
- ("readline" ,readline-6.2)
-
- ("liboop" ,liboop)
- ("zlib" ,zlib)
- ("gmp" ,gmp)
-
- ;; The server (lshd) invokes xauth when X11 forwarding is requested.
- ;; This adds 24 MiB (or 27%) to the closure of lsh.
- ("xauth" ,xauth)))
- (arguments
- '(;; Skip the `configure' test that checks whether /dev/ptmx &
- ;; co. work as expected, because it relies on impurities (for
- ;; instance, /dev/pts may be unavailable in chroots.)
- #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
-
- ;; FIXME: Tests won't run in a chroot, presumably because
- ;; /etc/profile is missing, and thus clients get an empty $PATH
- ;; and nothing works.
- #:tests? #f
-
- #:phases
- (modify-phases %standard-phases
- (add-before 'configure 'pre-configure
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((nettle (assoc-ref inputs "nettle"))
- (sexp-conv (string-append nettle "/bin/sexp-conv")))
- ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
- ;; by default.
- (substitute* "src/environ.h.in"
- (("^#define PATH_SEXP_CONV.*")
- (string-append "#define PATH_SEXP_CONV \""
- sexp-conv "\"\n")))
-
- ;; Same for the 'lsh-authorize' script.
- (substitute* "src/lsh-authorize"
- (("=sexp-conv")
- (string-append "=" sexp-conv)))
-
- ;; Tell lshd where 'xauth' lives. Another option would be to
- ;; hardcode "/run/current-system/profile/bin/xauth", thereby
- ;; reducing the closure size, but that wouldn't work on foreign
- ;; distros.
- (with-fluids ((%default-port-encoding "ISO-8859-1"))
- (substitute* "src/server_x11.c"
- (("define XAUTH_PROGRAM.*")
- (string-append "define XAUTH_PROGRAM \""
- (assoc-ref inputs "xauth")
- "/bin/xauth\"\n")))))
-
- ;; Tests rely on $USER being set.
- (setenv "USER" "guix"))))))
- (home-page "http://www.lysator.liu.se/~nisse/lsh/")
- (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
- (description
- "GNU lsh is a free implementation of the SSH version 2 protocol. It is
-used to create a secure line of communication between two computers,
-providing shell access to the server system from the client. It provides
-both the server daemon and the client application, as well as tools for
-manipulating key files.")
- (license license:gpl2+)))
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index c782d4d..71310ec 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -1,4 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
@@ -20,27 +21,34 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages ssh)
- #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages base)
+ #:autoload (gnu packages boost) (boost)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages elf)
#:use-module (gnu packages gnupg)
+ #:use-module (gnu packages gperf)
#:use-module (gnu packages groff)
- #:use-module (gnu packages elf)
#:use-module (gnu packages guile)
- #:use-module (gnu packages pkg-config)
- #:use-module (gnu packages autotools)
- #:use-module (gnu packages texinfo)
- #:use-module (gnu packages perl)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages m4)
+ #:use-module (gnu packages multiprecision)
#:use-module (gnu packages ncurses)
+ #:use-module (gnu packages nettle)
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages pkg-config)
#:autoload (gnu packages protobuf) (protobuf)
- #:autoload (gnu packages boost) (boost)
- #:use-module (gnu packages base)
+ #:use-module (gnu packages readline)
+ #:use-module (gnu packages texinfo)
#:use-module (gnu packages tls)
- #:use-module (gnu packages)
- #:use-module (guix packages)
+ #:use-module (gnu packages xorg)
+ #:use-module (guix build-system cmake)
+ #:use-module (guix build-system gnu)
#:use-module (guix download)
#:use-module (guix git-download)
- #:use-module (guix build-system gnu)
- #:use-module (guix build-system cmake))
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages))
(define-public libssh
(package
@@ -355,3 +363,129 @@ client. It runs on a variety of POSIX-based platforms. Dropbear is
particularly useful for embedded systems, such as wireless routers.")
(home-page "https://matt.ucc.asn.au/dropbear/dropbear.html")
(license (license:x11-style "" "See file LICENSE."))))
+
+(define-public liboop
+ (package
+ (name "liboop")
+ (version "1.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://download.ofb.net/liboop/liboop-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
+ (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
+ (build-system gnu-build-system)
+ (home-page "http://www.lysator.liu.se/liboop/")
+ (synopsis "Event loop library")
+ (description "Liboop is a low-level event loop management library for
+POSIX-based operating systems. It supports the development of modular,
+multiplexed applications which may respond to events from several sources. It
+replaces the \"select() loop\" and allows the registration of event handlers
+for file and network I/O, timers and signals. Since processes use these
+mechanisms for almost all external communication, liboop can be used as the
+basis for almost any application.")
+ (license license:lgpl2.1+)))
+
+(define-public lsh
+ (package
+ (name "lsh")
+ (version "2.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/lsh/lsh-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ (substitute* "src/testsuite/functions.sh"
+ (("localhost")
+ ;; Avoid host name lookups since they don't work in
+ ;; chroot builds.
+ "127.0.0.1")
+ (("set -e")
+ ;; Make tests more verbose.
+ "set -e\nset -x"))
+
+ (substitute* (find-files "src/testsuite" "-test$")
+ (("localhost") "127.0.0.1"))
+
+ (substitute* "src/testsuite/login-auth-test"
+ (("/bin/cat") "cat"))))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("m4" ,m4)
+ ("guile" ,guile-2.0)
+ ("gperf" ,gperf)
+ ("psmisc" ,psmisc))) ; for `killall'
+ (inputs
+ `(("nettle" ,nettle-2)
+ ("linux-pam" ,linux-pam)
+
+ ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
+ ;; Readline 6.3.
+ ("readline" ,readline-6.2)
+
+ ("liboop" ,liboop)
+ ("zlib" ,zlib)
+ ("gmp" ,gmp)
+
+ ;; The server (lshd) invokes xauth when X11 forwarding is requested.
+ ;; This adds 24 MiB (or 27%) to the closure of lsh.
+ ("xauth" ,xauth)))
+ (arguments
+ '(;; Skip the `configure' test that checks whether /dev/ptmx &
+ ;; co. work as expected, because it relies on impurities (for
+ ;; instance, /dev/pts may be unavailable in chroots.)
+ #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
+
+ ;; FIXME: Tests won't run in a chroot, presumably because
+ ;; /etc/profile is missing, and thus clients get an empty $PATH
+ ;; and nothing works.
+ #:tests? #f
+
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'pre-configure
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let* ((nettle (assoc-ref inputs "nettle"))
+ (sexp-conv (string-append nettle "/bin/sexp-conv")))
+ ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
+ ;; by default.
+ (substitute* "src/environ.h.in"
+ (("^#define PATH_SEXP_CONV.*")
+ (string-append "#define PATH_SEXP_CONV \""
+ sexp-conv "\"\n")))
+
+ ;; Same for the 'lsh-authorize' script.
+ (substitute* "src/lsh-authorize"
+ (("=sexp-conv")
+ (string-append "=" sexp-conv)))
+
+ ;; Tell lshd where 'xauth' lives. Another option would be to
+ ;; hardcode "/run/current-system/profile/bin/xauth", thereby
+ ;; reducing the closure size, but that wouldn't work on foreign
+ ;; distros.
+ (with-fluids ((%default-port-encoding "ISO-8859-1"))
+ (substitute* "src/server_x11.c"
+ (("define XAUTH_PROGRAM.*")
+ (string-append "define XAUTH_PROGRAM \""
+ (assoc-ref inputs "xauth")
+ "/bin/xauth\"\n")))))
+
+ ;; Tests rely on $USER being set.
+ (setenv "USER" "guix"))))))
+ (home-page "http://www.lysator.liu.se/~nisse/lsh/")
+ (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
+ (description
+ "GNU lsh is a free implementation of the SSH version 2 protocol. It is
+used to create a secure line of communication between two computers,
+providing shell access to the server system from the client. It provides
+both the server daemon and the client application, as well as tools for
+manipulating key files.")
+ (license license:gpl2+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 33e1951..1eb9382 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -22,7 +22,7 @@
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system pam)
- #:use-module (gnu packages lsh)
+ #:use-module (gnu packages ssh)
#:use-module (srfi srfi-26)
#:export (lsh-service))
--
2.9.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/2] services: Add 'dropbear-service'.
2016-07-13 16:13 [PATCH 0/2] Dropbear service take two David Craven
2016-07-13 16:13 ` [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) David Craven
@ 2016-07-13 16:13 ` David Craven
2016-07-15 16:00 ` Ludovic Courtès
1 sibling, 1 reply; 9+ messages in thread
From: David Craven @ 2016-07-13 16:13 UTC (permalink / raw)
To: guix-devel; +Cc: David Craven
* gnu/services/ssh.scm (dropbear-service, ...): New variables.
* doc/guix.texi: New node.
---
doc/guix.texi | 18 +++++++++++-
gnu/services/ssh.scm | 83 +++++++++++++++++++++++++++++++++++++++++++++++++---
2 files changed, 96 insertions(+), 5 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 67ece1d..5c501bf 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -7738,7 +7738,7 @@ In addition, @var{extra-settings} specifies a string to append to the
configuration file.
@end deffn
-Furthermore, @code{(gnu services ssh)} provides the following service.
+Furthermore, @code{(gnu services ssh)} provides the following services.
@deffn {Scheme Procedure} lsh-service [#:host-key "/etc/lsh/host-key"] @
[#:daemonic? #t] [#:interfaces '()] [#:port-number 22] @
@@ -7776,6 +7776,22 @@ root.
The other options should be self-descriptive.
@end deffn
+@deffn {Scheme Procedure} dropbear-service @
+ [#:port-number 22] [#:root-login? #f] @
+ [#:allow-empty-passwords? #f] @
+ [#:password-authentication? #t] @
+ [#:syslog-output? #t]
+Run the @command{dropbear} program from @var{dropbear} to listen on port @var{port-number}.
+
+By default dropbear logs its output to syslogd, unless @var{syslog-output?} is
+set to false. This also makes dropbear-service depend on existence of syslogd
+service.
+
+@var{allow-empty-passwords?} specifies whether to accept connections to accounts
+with empty passwords, and @var{root-login?} specifies whether to accept logging in
+with the root account.
+@end deffn
+
@defvr {Scheme Variable} %facebook-host-aliases
This variable contains a string for use in @file{/etc/hosts}
(@pxref{Host Names,,, libc, The GNU C Library Reference Manual}). Each
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 1eb9382..bf7a5e2 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -17,14 +17,15 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu services ssh)
- #:use-module (guix gexp)
- #:use-module (guix records)
+ #:use-module (gnu packages ssh)
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu system pam)
- #:use-module (gnu packages ssh)
+ #:use-module (guix gexp)
+ #:use-module (guix records)
#:use-module (srfi srfi-26)
- #:export (lsh-service))
+ #:export (dropbear-service
+ lsh-service))
;;; Commentary:
;;;
@@ -235,4 +236,78 @@ The other options should be self-descriptive."
public-key-authentication?)
(initialize? initialize?))))
+;;;
+;;; Dropbear ssh server
+;;;
+
+(define-record-type* <dropbear-configuration>
+ dropbear-configuration make-dropbear-configuration
+ dropbear-configuration?
+ (dropbear dropbear-configuration-dropbear
+ (default dropbear))
+ (port-number dropbear-configuration-port-number)
+ (syslog-output? dropbear-configuration-syslog-output?)
+ (pid-file dropbear-configuration-pid-file)
+ (root-login? dropbear-configuration-root-login?)
+ (allow-empty-passwords? dropbear-configuration-allow-empty-passwords?)
+ (password-authentication? dropbear-configuration-password-authentication?))
+
+(define (dropbear-activation config)
+ "Return the activation gexp for CONFIG."
+ #~(begin
+ (mkdir-p "/etc/dropbear")))
+
+(define (dropbear-shepherd-service config)
+ "Return a <shepherd-service> for dropbear with CONFIG."
+ (define dropbear (dropbear-configuration-dropbear config))
+
+ (define dropbear-command
+ (append
+ (list
+ #~(string-append #$dropbear "/sbin/dropbear") "-F" "-R"
+ "-p" (number->string (dropbear-configuration-port-number config))
+ "-P" (dropbear-configuration-pid-file config))
+ (if (dropbear-configuration-syslog-output? config) '() '("-E"))
+ (if (dropbear-configuration-root-login? config) '() '("-w"))
+ (if (dropbear-configuration-password-authentication? config) '() '("-s" "-g"))
+ (if (dropbear-configuration-allow-empty-passwords? config) '("-B") '())))
+
+ (define requires
+ (if (dropbear-configuration-syslog-output? config)
+ '(networking syslogd) '(networking)))
+
+ (list (shepherd-service
+ (documentation "Dropbear ssh server")
+ (requirement requires)
+ (provision '(ssh-daemon))
+ (start #~(make-forkexec-constructor #$@dropbear-command))
+ (stop #~(make-kill-destructor)))))
+
+(define dropbear-service-type
+ (service-type (name 'dropbear)
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ dropbear-shepherd-service)
+ (service-extension activation-service-type
+ dropbear-activation)))))
+
+(define* (dropbear-service #:key
+ (dropbear dropbear)
+ (port-number 22)
+ (allow-empty-passwords? #f)
+ (root-login? #f)
+ (syslog-output? #t)
+ (pid-file "/var/run/dropbear.pid")
+ (password-authentication? #t))
+ "Run the @command{dropbear} daemon from @var{dropbear} to start a ssh server."
+ (service dropbear-service-type
+ (dropbear-configuration
+ (dropbear dropbear)
+ (port-number port-number)
+ (allow-empty-passwords? allow-empty-passwords?)
+ (root-login? root-login?)
+ (syslog-output? syslog-output?)
+ (pid-file pid-file)
+ (password-authentication? password-authentication?))))
+
;;; ssh.scm ends here
--
2.9.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)
2016-07-13 16:13 ` [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) David Craven
@ 2016-07-15 15:13 ` Ludovic Courtès
0 siblings, 0 replies; 9+ messages in thread
From: Ludovic Courtès @ 2016-07-15 15:13 UTC (permalink / raw)
To: David Craven; +Cc: guix-devel
David Craven <david@craven.ch> skribis:
> * gnu/packages/lsh.scm: Remove. Move 'lsh and liboop' to...
> * gnu/packages/ssh.scm (liboop, lsh): ... here. New variables.
> * gnu/services/ssh.scm: Adjust accordingly.
> * gnu/local.mk: Adjust accordingly.
I adjusted gnu/services/base.scm and applied, thanks!
Ludo’.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 2/2] services: Add 'dropbear-service'.
2016-07-13 16:13 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
@ 2016-07-15 16:00 ` Ludovic Courtès
0 siblings, 0 replies; 9+ messages in thread
From: Ludovic Courtès @ 2016-07-15 16:00 UTC (permalink / raw)
To: David Craven; +Cc: guix-devel
David Craven <david@craven.ch> skribis:
> * gnu/services/ssh.scm (dropbear-service, ...): New variables.
> * doc/guix.texi: New node.
Applied with these modifications:
• I exposed and documented ‘dropbear-configuration’ (we should do the
same with ‘lsh-configuration’ eventually);
• I used the #:pid-file option of ‘make-forkexec-constructor’;
• Turned ‘dropbear-command’ into a gexp (instead of a list);
• Fixed indentation of a few things;
• Added a comment for “-R”.
• Added a copyright line for you;
• Added a full commit log.
Thanks!
Ludo’.
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2016-07-15 16:01 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-07-13 16:13 [PATCH 0/2] Dropbear service take two David Craven
2016-07-13 16:13 ` [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) David Craven
2016-07-15 15:13 ` Ludovic Courtès
2016-07-13 16:13 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
2016-07-15 16:00 ` Ludovic Courtès
-- strict thread matches above, loose matches on Subject: below --
2016-07-04 20:56 [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) David Craven
2016-07-05 6:01 ` Efraim Flashner
2016-07-05 6:24 ` Efraim Flashner
2016-07-05 11:47 ` David Craven
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).