From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0 Subject: Re: Network with QEMU generated image (guix system vm)? Date: Tue, 27 Sep 2016 07:25:40 +0000 Message-ID: <874m51ztvv.fsf@we.make.ritual.n0.is> References: <87pont13rh.fsf@we.make.ritual.n0.is> <87a8exaw96.fsf@gnu.org> <87vaxlrqbf.fsf@we.make.ritual.n0.is> <8760plaulz.fsf@gnu.org> <878tuh2e25.fsf@we.make.ritual.n0.is> <87h9928t7j.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:37617) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bomm6-0000gT-Pd for guix-devel@gnu.org; Tue, 27 Sep 2016 03:26:00 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bomm5-0002Yx-5O for guix-devel@gnu.org; Tue, 27 Sep 2016 03:25:58 -0400 In-Reply-To: <87h9928t7j.fsf@gnu.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Jan Nieuwenhuizen Cc: guix-devel@gnu.org Thanks, I've tried to apply a bit of this, however the problem seems to be no matter what I do, I get a read only filesystem. But strange enough: I can touch files. Having a readonly filesystem should prevent me from ping and git clone, but it can't do this. Because the file system is read only, gnunet-service can't write files I think, which prevents fetching the initial hostlist I configured to be fetched. But it could also be because I need to change some defaults I've set, however it should not prevent me from git clone and ping. Jan Nieuwenhuizen writes: > ng0 writes: > >> For a considerable long time and countless tries, that's why I'm asking >> about any way to do this as it just does not work. Just about anything >> which would work on GuixSD from a git checkout of guix.git is welcome. > > Find attached my ssh/lsh-seed hack to allow unattended entry into a vm > and a minimal vm description. > > Here's what I did > > 19:18:45 janneke@dundal:~/src/guix > $ guix system vm os.scm > /gnu/store/4rqrzxz8amzq7j599sfr2vsbwy01fx04-run-vm.sh -net user,hostfwd=tcp::2223-:2222& > 19:19:37 janneke@dundal:~/src/guix > $ ssh-keygen -f "$HOME/.ssh/known_hosts" -R [localhost]:2223 > [wait] > 19:19:40 janneke@dundal:~/src/guix > $ ssh localhost -p 2223 > .. RET RET > janneke@os ~$ GIT_SSL_NO_VERIFY=1 git clone https://gitlab.com/janneke/mes.git > Cloning into 'mes'... > remote: Counting objects: 969, done. > remote: Compressing objects: 100% (348/348), done. > remote: Total 969 (delta 654), reused 886 (delta 610) > Receiving objects: 100% (969/969), 316.35 KiB | 0 bytes/s, done. > Resolving deltas: 100% (654/654), done. > > What I don't understand: sometimes the clone works instantly, sometimes > I need to "wait a bit" until cloning or `ping gitlab.com' works. It > seemed to be always immediately available when I added the mcron and > rottlog test services, which confuses me even more. Might just be > coincidence. > > Greetings, > Jan > > From 8c8687407057ca9caa123905f7ca2e3feeffa203 Mon Sep 17 00:00:00 2001 > From: Jan Nieuwenhuizen > Date: Thu, 8 Sep 2016 14:09:28 +0200 > Subject: [PATCH] gnu: Add lsh-seed, lsh-service: use it. > > --- > gnu/packages/ssh.scm | 26 ++++++++++++++++++++++++++ > gnu/services/ssh.scm | 7 +++++++ > 2 files changed, 33 insertions(+) > > diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm > index b2612a4..5255848 100644 > --- a/gnu/packages/ssh.scm > +++ b/gnu/packages/ssh.scm > @@ -517,3 +517,29 @@ manipulating key files.") > authentication with SSH's so-called @dfn{interactive keyboard password > authentication}.") > (license license:gpl2+))) > + > +(use-modules (guix build-system trivial)) > +(define-public lsh-seed > + (package > + (name "lsh-seed") > + (version "0") > + (source #f) > + (build-system trivial-build-system) > + (arguments > + '(#:modules ((guix build utils)) > + #:builder > + (begin > + (use-modules (guix build utils)) > + (let* ((source (assoc-ref %build-inputs "source")) > + (out (assoc-ref %outputs "out")) > + (etc (string-append out "/etc")) > + (seed (string-append etc "/lsh-seed"))) > + (mkdir-p etc) > + (with-output-to-file seed > + (lambda () (display "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"))) > + (chmod seed #o400) > + #t)))) > + (home-page "http://localhost") > + (synopsis "lsh-seed") > + (description "lsh-seed") > + (license license:gpl3+))) > diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm > index 462988c..96ba3d7 100644 > --- a/gnu/services/ssh.scm > +++ b/gnu/services/ssh.scm > @@ -68,6 +68,13 @@ > (define (lsh-initialization lsh host-key) > "Return the gexp to initialize the LSH service for HOST-KEY." > #~(begin > + > + (unless (file-exists? #$%yarrow-seed) > + (when (file-exists? #$lsh-seed) > + (mkdir-p (dirname #$%yarrow-seed)) > + (copy-file (string-append #$lsh-seed "/etc/lsh-seed") #$%yarrow-seed) > + (chmod #$%yarrow-seed #o400))) > + > (unless (file-exists? #$%yarrow-seed) > (system* (string-append #$lsh "/bin/lsh-make-seed") > "--sloppy" "-o" #$%yarrow-seed)) > -- > 2.9.3 > > > > -- > Jan Nieuwenhuizen | GNU LilyPond http://lilypond.org > Freelance IT http://JoyofSource.com | AvatarĀ® http://AvatarAcademy.nl -- ng0