unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
* [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh)
@ 2016-07-04 20:56 David Craven
  2016-07-04 20:56 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
  2016-07-05  6:01 ` [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) Efraim Flashner
  0 siblings, 2 replies; 20+ messages in thread
From: David Craven @ 2016-07-04 20:56 UTC (permalink / raw)
  To: guix-devel; +Cc: David Craven

* gnu/packages/lsh.scm: Remove.  Move 'lsh and liboop' to...
* gnu/packages/ssh.scm (liboop, lsh): ... here.  New variables.
* gnu/services/ssh.scm: Adjust accordingly.
---
 gnu/packages/lsh.scm | 159 ---------------------------------------------------
 gnu/packages/ssh.scm | 157 ++++++++++++++++++++++++++++++++++++++++++++++----
 gnu/services/ssh.scm |   2 +-
 3 files changed, 146 insertions(+), 172 deletions(-)
 delete mode 100644 gnu/packages/lsh.scm

diff --git a/gnu/packages/lsh.scm b/gnu/packages/lsh.scm
deleted file mode 100644
index 2ea1591..0000000
--- a/gnu/packages/lsh.scm
+++ /dev/null
@@ -1,159 +0,0 @@
-;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
-;;;
-;;; This file is part of GNU Guix.
-;;;
-;;; GNU Guix is free software; you can redistribute it and/or modify it
-;;; under the terms of the GNU General Public License as published by
-;;; the Free Software Foundation; either version 3 of the License, or (at
-;;; your option) any later version.
-;;;
-;;; GNU Guix is distributed in the hope that it will be useful, but
-;;; WITHOUT ANY WARRANTY; without even the implied warranty of
-;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-;;; GNU General Public License for more details.
-;;;
-;;; You should have received a copy of the GNU General Public License
-;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
-
-(define-module (gnu packages lsh)
-  #:use-module ((guix licenses) #:prefix license:)
-  #:use-module (guix packages)
-  #:use-module (guix download)
-  #:use-module (guix build-system gnu)
-  #:use-module (gnu packages)
-  #:use-module (gnu packages m4)
-  #:use-module (gnu packages linux)
-  #:use-module (gnu packages nettle)
-  #:use-module (gnu packages compression)
-  #:use-module (gnu packages multiprecision)
-  #:use-module (gnu packages readline)
-  #:use-module (gnu packages gperf)
-  #:use-module (gnu packages guile)
-  #:use-module (gnu packages xorg))
-
-(define-public liboop
-  (package
-    (name "liboop")
-    (version "1.0")
-    (source
-     (origin
-      (method url-fetch)
-      (uri (string-append "http://download.ofb.net/liboop/liboop-"
-                          version ".tar.gz"))
-      (sha256
-       (base32
-        "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
-      (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
-    (build-system gnu-build-system)
-    (home-page "http://www.lysator.liu.se/liboop/")
-    (synopsis "Event loop library")
-    (description "Liboop is a low-level event loop management library for
-POSIX-based operating systems.  It supports the development of modular,
-multiplexed applications which may respond to events from several sources.  It
-replaces the \"select() loop\" and allows the registration of event handlers
-for file and network I/O, timers and signals.  Since processes use these
-mechanisms for almost all external communication, liboop can be used as the
-basis for almost any application.")
-    (license license:lgpl2.1+)))
-
-(define-public lsh
-  (package
-    (name "lsh")
-    (version "2.1")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "mirror://gnu/lsh/lsh-"
-                                  version ".tar.gz"))
-              (sha256
-               (base32
-                "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
-              (modules '((guix build utils)))
-              (snippet
-               '(begin
-                  (substitute* "src/testsuite/functions.sh"
-                    (("localhost")
-                     ;; Avoid host name lookups since they don't work in
-                     ;; chroot builds.
-                     "127.0.0.1")
-                    (("set -e")
-                     ;; Make tests more verbose.
-                     "set -e\nset -x"))
-
-                  (substitute* (find-files "src/testsuite" "-test$")
-                    (("localhost") "127.0.0.1"))
-
-                  (substitute* "src/testsuite/login-auth-test"
-                    (("/bin/cat") "cat"))))))
-    (build-system gnu-build-system)
-    (native-inputs
-     `(("m4" ,m4)
-       ("guile" ,guile-2.0)
-       ("gperf" ,gperf)
-       ("psmisc" ,psmisc)))                       ; for `killall'
-    (inputs
-     `(("nettle" ,nettle-2)
-       ("linux-pam" ,linux-pam)
-
-       ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
-       ;; Readline 6.3.
-       ("readline" ,readline-6.2)
-
-       ("liboop" ,liboop)
-       ("zlib" ,zlib)
-       ("gmp" ,gmp)
-
-       ;; The server (lshd) invokes xauth when X11 forwarding is requested.
-       ;; This adds 24 MiB (or 27%) to the closure of lsh.
-       ("xauth" ,xauth)))
-    (arguments
-     '(;; Skip the `configure' test that checks whether /dev/ptmx &
-       ;; co. work as expected, because it relies on impurities (for
-       ;; instance, /dev/pts may be unavailable in chroots.)
-       #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
-
-       ;; FIXME: Tests won't run in a chroot, presumably because
-       ;; /etc/profile is missing, and thus clients get an empty $PATH
-       ;; and nothing works.
-       #:tests? #f
-
-       #:phases
-       (modify-phases %standard-phases
-         (add-before 'configure 'pre-configure
-           (lambda* (#:key inputs #:allow-other-keys)
-             (let* ((nettle    (assoc-ref inputs "nettle"))
-                    (sexp-conv (string-append nettle "/bin/sexp-conv")))
-               ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
-               ;; by default.
-               (substitute* "src/environ.h.in"
-                 (("^#define PATH_SEXP_CONV.*")
-                  (string-append "#define PATH_SEXP_CONV \""
-                                 sexp-conv "\"\n")))
-
-               ;; Same for the 'lsh-authorize' script.
-               (substitute* "src/lsh-authorize"
-                 (("=sexp-conv")
-                  (string-append "=" sexp-conv)))
-
-               ;; Tell lshd where 'xauth' lives.  Another option would be to
-               ;; hardcode "/run/current-system/profile/bin/xauth", thereby
-               ;; reducing the closure size, but that wouldn't work on foreign
-               ;; distros.
-               (with-fluids ((%default-port-encoding "ISO-8859-1"))
-                 (substitute* "src/server_x11.c"
-                   (("define XAUTH_PROGRAM.*")
-                    (string-append "define XAUTH_PROGRAM \""
-                                   (assoc-ref inputs "xauth")
-                                   "/bin/xauth\"\n")))))
-
-             ;; Tests rely on $USER being set.
-             (setenv "USER" "guix"))))))
-    (home-page "http://www.lysator.liu.se/~nisse/lsh/")
-    (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
-    (description
-     "GNU lsh is a free implementation of the SSH version 2 protocol.  It is
-used to create a secure line of communication between two computers,
-providing shell access to the server system from the client.  It provides
-both the server daemon and the client application, as well as tools for
-manipulating key files.")
-    (license license:gpl2+)))
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index b8f107b..f764ab9 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -20,27 +20,34 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu packages ssh)
-  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages autotools)
+  #:use-module (gnu packages base)
+  #:autoload   (gnu packages boost) (boost)
   #:use-module (gnu packages compression)
+  #:use-module (gnu packages elf)
   #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages gperf)
   #:use-module (gnu packages groff)
-  #:use-module (gnu packages elf)
   #:use-module (gnu packages guile)
-  #:use-module (gnu packages pkg-config)
-  #:use-module (gnu packages autotools)
-  #:use-module (gnu packages texinfo)
-  #:use-module (gnu packages perl)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages m4)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages ncurses)
+  #:use-module (gnu packages nettle)
+  #:use-module (gnu packages perl)
+  #:use-module (gnu packages pkg-config)
   #:autoload   (gnu packages protobuf) (protobuf)
-  #:autoload   (gnu packages boost) (boost)
-  #:use-module (gnu packages base)
+  #:use-module (gnu packages readline)
+  #:use-module (gnu packages texinfo)
   #:use-module (gnu packages tls)
-  #:use-module (gnu packages)
-  #:use-module (guix packages)
+  #:use-module (gnu packages xorg)
+  #:use-module (guix build-system cmake)
+  #:use-module (guix build-system gnu)
   #:use-module (guix download)
   #:use-module (guix git-download)
-  #:use-module (guix build-system gnu)
-  #:use-module (guix build-system cmake))
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (guix packages))
 
 (define-public libssh
   (package
@@ -355,3 +362,129 @@ client.  It runs on a variety of POSIX-based platforms.  Dropbear is
 particularly useful for embedded systems, such as wireless routers.")
     (home-page "https://matt.ucc.asn.au/dropbear/dropbear.html")
     (license (license:x11-style "" "See file LICENSE."))))
+
+(define-public liboop
+  (package
+    (name "liboop")
+    (version "1.0")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (string-append "http://download.ofb.net/liboop/liboop-"
+                          version ".tar.gz"))
+      (sha256
+       (base32
+        "0z6rlalhvfca64jpvksppc9bdhs7jwhiw4y35g5ibvh91xp3rn1l"))
+      (patches (search-patches "liboop-mips64-deplibs-fix.patch"))))
+    (build-system gnu-build-system)
+    (home-page "http://www.lysator.liu.se/liboop/")
+    (synopsis "Event loop library")
+    (description "Liboop is a low-level event loop management library for
+POSIX-based operating systems.  It supports the development of modular,
+multiplexed applications which may respond to events from several sources.  It
+replaces the \"select() loop\" and allows the registration of event handlers
+for file and network I/O, timers and signals.  Since processes use these
+mechanisms for almost all external communication, liboop can be used as the
+basis for almost any application.")
+    (license license:lgpl2.1+)))
+
+(define-public lsh
+  (package
+    (name "lsh")
+    (version "2.1")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://gnu/lsh/lsh-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "1qqjy9zfzgny0rkb27c8c7dfsylvb6n0ld8h3an2r83pmaqr9gwb"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  (substitute* "src/testsuite/functions.sh"
+                    (("localhost")
+                     ;; Avoid host name lookups since they don't work in
+                     ;; chroot builds.
+                     "127.0.0.1")
+                    (("set -e")
+                     ;; Make tests more verbose.
+                     "set -e\nset -x"))
+
+                  (substitute* (find-files "src/testsuite" "-test$")
+                    (("localhost") "127.0.0.1"))
+
+                  (substitute* "src/testsuite/login-auth-test"
+                    (("/bin/cat") "cat"))))))
+    (build-system gnu-build-system)
+    (native-inputs
+     `(("m4" ,m4)
+       ("guile" ,guile-2.0)
+       ("gperf" ,gperf)
+       ("psmisc" ,psmisc)))                       ; for `killall'
+    (inputs
+     `(("nettle" ,nettle-2)
+       ("linux-pam" ,linux-pam)
+
+       ;; 'rl.c' uses the 'CPPFunction' type, which is no longer in
+       ;; Readline 6.3.
+       ("readline" ,readline-6.2)
+
+       ("liboop" ,liboop)
+       ("zlib" ,zlib)
+       ("gmp" ,gmp)
+
+       ;; The server (lshd) invokes xauth when X11 forwarding is requested.
+       ;; This adds 24 MiB (or 27%) to the closure of lsh.
+       ("xauth" ,xauth)))
+    (arguments
+     '(;; Skip the `configure' test that checks whether /dev/ptmx &
+       ;; co. work as expected, because it relies on impurities (for
+       ;; instance, /dev/pts may be unavailable in chroots.)
+       #:configure-flags '("lsh_cv_sys_unix98_ptys=yes")
+
+       ;; FIXME: Tests won't run in a chroot, presumably because
+       ;; /etc/profile is missing, and thus clients get an empty $PATH
+       ;; and nothing works.
+       #:tests? #f
+
+       #:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'pre-configure
+           (lambda* (#:key inputs #:allow-other-keys)
+             (let* ((nettle    (assoc-ref inputs "nettle"))
+                    (sexp-conv (string-append nettle "/bin/sexp-conv")))
+               ;; Make sure 'lsh' and 'lshd' pick 'sexp-conv' in the right place
+               ;; by default.
+               (substitute* "src/environ.h.in"
+                 (("^#define PATH_SEXP_CONV.*")
+                  (string-append "#define PATH_SEXP_CONV \""
+                                 sexp-conv "\"\n")))
+
+               ;; Same for the 'lsh-authorize' script.
+               (substitute* "src/lsh-authorize"
+                 (("=sexp-conv")
+                  (string-append "=" sexp-conv)))
+
+               ;; Tell lshd where 'xauth' lives.  Another option would be to
+               ;; hardcode "/run/current-system/profile/bin/xauth", thereby
+               ;; reducing the closure size, but that wouldn't work on foreign
+               ;; distros.
+               (with-fluids ((%default-port-encoding "ISO-8859-1"))
+                 (substitute* "src/server_x11.c"
+                   (("define XAUTH_PROGRAM.*")
+                    (string-append "define XAUTH_PROGRAM \""
+                                   (assoc-ref inputs "xauth")
+                                   "/bin/xauth\"\n")))))
+
+             ;; Tests rely on $USER being set.
+             (setenv "USER" "guix"))))))
+    (home-page "http://www.lysator.liu.se/~nisse/lsh/")
+    (synopsis "GNU implementation of the Secure Shell (ssh) protocols")
+    (description
+     "GNU lsh is a free implementation of the SSH version 2 protocol.  It is
+used to create a secure line of communication between two computers,
+providing shell access to the server system from the client.  It provides
+both the server daemon and the client application, as well as tools for
+manipulating key files.")
+    (license license:gpl2+)))
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 33e1951..1eb9382 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -22,7 +22,7 @@
   #:use-module (gnu services)
   #:use-module (gnu services shepherd)
   #:use-module (gnu system pam)
-  #:use-module (gnu packages lsh)
+  #:use-module (gnu packages ssh)
   #:use-module (srfi srfi-26)
   #:export (lsh-service))
 
-- 
2.9.0

^ permalink raw reply related	[flat|nested] 20+ messages in thread
* [PATCH 0/2] Dropbear service take two.
@ 2016-07-13 16:13 David Craven
  2016-07-13 16:13 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
  0 siblings, 1 reply; 20+ messages in thread
From: David Craven @ 2016-07-13 16:13 UTC (permalink / raw)
  To: guix-devel; +Cc: David Craven

Changes from previous version:
* Service initialization is reduced to just creating the "/etc/dropbear"
directory.
* The initialize and host-key options are removed.
* The -R flag has been added to dropbear.

Example service file:
```scheme
(use-modules (gnu))
(use-service-modules base networking ssh)

(operating-system
  (host-name "test")
  (timezone "Europe/Zurich")
  (locale "en_US.UTF-8")

  (bootloader (grub-configuration (device "/dev/vda")))

  (file-systems (cons
    (file-system
      (device "/dev/vda1")
      (mount-point "/")
      (type "ext4"))
    %base-file-systems))

  (users (cons
    (user-account
      (name "test")
      (group "users")
      (supplementary-groups '("wheel"))
      (home-directory "/home/test")
      (password "sa5JEXtYx/rm6")) ;; password pass
    %base-user-accounts))

  (packages %base-packages)

  (services (cons*
    (dhcp-client-service)
    (dropbear-service
      #:port-number 22
      #:allow-empty-passwords? #t
      #:root-login? #t
      #:syslog-output? #t
      #:pid-file "/var/run/dropbear.pid"
      #:password-authentication? #t)
    (rngd-service)
    %base-services)))
```

Additional information:

This patch is needed, just adding -net user,hostfwd=tcp::10022-:22 at the end
didn't work for me.

```diff
diff --git a/gnu/system/vm.scm b/gnu/system/vm.scm
index 676e89d..68aab5d 100644
--- a/gnu/system/vm.scm
+++ b/gnu/system/vm.scm
@@ -468,7 +468,7 @@ with '-virtfs' options for the host file systems listed in SHARED-FS."
            "")
      " -no-reboot -net nic,model=virtio \
   " #$@(map virtfs-option shared-fs) " \
-  -net user \
+  -net user,hostfwd=tcp::10022-:22 \
   -vga std \
   -drive file=" #$image
   ",if=virtio,cache=writeback,werror=report,readonly \
```

You can use this command to connect to dropbear:

ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no test@localhost -p 10022

I'm currently having an issue with all guix operations after commit 4ee96a7 but I
tested it with previous commits. I'm assuming that the problem is related to nixos
and that it shouldn't affect people using guixsd.

David Craven (2):
  gnu: lsh: Move to (gnu packages ssh)
  services: Add 'dropbear-service'.

 doc/guix.texi        |  18 +++++-
 gnu/local.mk         |   1 -
 gnu/packages/lsh.scm | 159 ---------------------------------------------------
 gnu/packages/ssh.scm | 158 ++++++++++++++++++++++++++++++++++++++++++++++----
 gnu/services/ssh.scm |  83 +++++++++++++++++++++++++--
 5 files changed, 242 insertions(+), 177 deletions(-)
 delete mode 100644 gnu/packages/lsh.scm

--
2.9.0

^ permalink raw reply related	[flat|nested] 20+ messages in thread

end of thread, other threads:[~2016-07-15 16:01 UTC | newest]

Thread overview: 20+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-07-04 20:56 [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) David Craven
2016-07-04 20:56 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
2016-07-07 17:25   ` Leo Famulari
2016-07-07 17:54     ` David Craven
2016-07-09 14:39       ` David Craven
2016-07-09 18:32         ` Leo Famulari
2016-07-09 21:31           ` David Craven
2016-07-09 22:41     ` Leo Famulari
2016-07-09 22:43       ` Leo Famulari
2016-07-09 23:03         ` David Craven
2016-07-09 23:34           ` David Craven
2016-07-11  8:33         ` Ludovic Courtès
2016-07-13 13:09           ` David Craven
2016-07-13 15:58             ` David Craven
2016-07-13 16:25               ` David Craven
2016-07-05  6:01 ` [PATCH 1/2] gnu: lsh: Move to (gnu packages ssh) Efraim Flashner
2016-07-05  6:24   ` Efraim Flashner
2016-07-05 11:47     ` David Craven
  -- strict thread matches above, loose matches on Subject: below --
2016-07-13 16:13 [PATCH 0/2] Dropbear service take two David Craven
2016-07-13 16:13 ` [PATCH 2/2] services: Add 'dropbear-service' David Craven
2016-07-15 16:00   ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).