From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) Subject: Re: [PATCH] gnu: Add Kerberos client service. Date: Wed, 23 Nov 2016 23:01:20 +0100 Message-ID: <87shqh500f.fsf@gnu.org> References: <87ziktyzs8.fsf@gnu.org> <1479837137-12251-1-git-send-email-jmd@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:59534) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c9fbb-0002xl-DE for guix-devel@gnu.org; Wed, 23 Nov 2016 17:01:28 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c9fbX-0005W5-BQ for guix-devel@gnu.org; Wed, 23 Nov 2016 17:01:27 -0500 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:33883) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c9fbX-0005Vw-8L for guix-devel@gnu.org; Wed, 23 Nov 2016 17:01:23 -0500 In-Reply-To: <1479837137-12251-1-git-send-email-jmd@gnu.org> (John Darrington's message of "Tue, 22 Nov 2016 18:52:17 +0100") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: John Darrington Cc: guix-devel@gnu.org Hi! John Darrington skribis: > * doc/guix.texi: New subsubheading: Krb5 Service > * gnu/services/kerberos.scm: New variable: krb5-service-type. Please see =E2=80=98git log=E2=80=99 on how to introduce new sections and v= ariables. > +@subsubheading Krb5 Service > + > +The krb5 service provides the configuration for Kerberos clients, using > +the MIT implementation of the Kerberos protocol version@tie{}5. Maybe add: =E2=80=9C (the @code{mit-krb5} package).=E2=80=9D Also it would be good to add one or two sentences of context, like: Programs using the client library of @code{mit-krb5} expect such configuration files in @file{/etc/something} and read them to set up their Kerberos frobbing thingie. System administrators typically define the appropriate configuration based on the network's Kerberos foobar. Well, something like that. :-) > +@defvr {Scheme Variable} krb5-service-type > +A service type for Kerberos 5 clients. s/Kerberos 5/@code{mit-krb5}/ > +@lisp > +(service krb5-service-type (krb5-configuration > + (default-realm "EXAMPLE.COM") Please move the =E2=80=98krb5-configuration=E2=80=99 to the next line where= it will be aligned below =E2=80=98krb5-service-type=E2=80=99. This will ensure correc= t PDF/PS/DVI output as well as below-80 Info lines. > +@item @code{allow-weak-crypto?} (default: @code{#f}) > +If this flag is #t then services which only offer encryption algorithms @code{#t} > +(define-syntax define-configuration > + (lambda (stx) > + (define (id ctx part . parts) Nack! We already have two copies of that one, we won=E2=80=99t add a third one. :-) Fortunately, Julien submitted a patch to factorize it, so hopefully you can use the factorize =E2=80=98define-configuration=E2=80=99 in a day or tw= o. > +;; For a more detailed explanation of these fields see man 5 krb5.conf > +(define-configuration krb5-realm > + (name > + (string #f) > + "The name of the realm.") Really cool. > +;; LocalWords: Guix Maybe we can avoid that, but no big deal. So OK with changes along these lines when Julien=E2=80=99s factorization has landed. Thank you! Ludo=E2=80=99.