From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id GHe4Ei5gsWWZ6gAAe85BDQ:P1 (envelope-from ) for ; Wed, 24 Jan 2024 20:08:30 +0100 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id GHe4Ei5gsWWZ6gAAe85BDQ (envelope-from ) for ; Wed, 24 Jan 2024 20:08:30 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=soeren-tempel.net header.s=opensmtpd header.b=RfdCZ4Fu; dmarc=fail reason="SPF not aligned (relaxed)" header.from=soeren-tempel.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Seal: i=1; s=key1; d=yhetil.org; t=1706123310; a=rsa-sha256; cv=none; b=gLymSBsq4oOcDXeNj8shPiUbT9McXggzOuUGgkOS3JD+iHEe3Puc4q0PSihLt/K0IJ8cAO Ukldr2Zh88PBrcEn1lJV5gOqTvWkSqwZGc9LM0RhWwoBUvbqrWezqRrgEtLt6v+IB44tw7 Bhe4R+3C/aOzCYBWHvMsonUt5Ftz6RjO/JNXrxCR3x9ozrBRGIfOuPGzuTzwh0fdLzZ30d Ytvn1KXgKX7l+FtxSIIamKRZ/CSSu+aVZQyq7ctquIst8llPr0jxpSrRIWorsV2wLuZ4QZ qhaloOHsxR2n2k7PMaRjxrRtTqe25I7okLKMbvjfkKLFxhdNgBB0FgtHGOVZGg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=soeren-tempel.net header.s=opensmtpd header.b=RfdCZ4Fu; dmarc=fail reason="SPF not aligned (relaxed)" header.from=soeren-tempel.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1706123310; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=JNTXW/vdYPmufI0BMAf6koJeqxNyWhvMWoKD2JVStBQ=; b=eO3wjmDknNkHzwe7Bv8DYacsHzydqLqHVd+tAB/hxojcC0hCmSXKSfw+kfqF0seAr9dOZY FbWWx+Ov3ni8WJjBh93VS8FwAwjGGuYeiQlLYc0B42h5DOxqqsUwXJSXXkgWzopooPwrBX 5t3G87chomzgXlejn/8gjb9yqKd5332EloqLBVgmKZ0gmYdstNISp7P3z2s3inTrpFDhvo QtZgdSXEdNF5Jis8G1SthjYYQ+sNERVtv/1W3i29dI9aF1sXm84XvbHlc7xJ6+iPZrecrB HbM/Hm8kP7tvUkK60FA4JchezeaQW+eyA5VHy3lSo+IMYOqAFHxbIYeGr5KHnQ== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 1A778B223 for ; Wed, 24 Jan 2024 20:08:30 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rSibP-0005XT-JX; Wed, 24 Jan 2024 14:07:59 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rSibN-0005XB-BZ for guix-patches@gnu.org; Wed, 24 Jan 2024 14:07:57 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rSibM-0002T0-KX for guix-patches@gnu.org; Wed, 24 Jan 2024 14:07:56 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rSibR-0000kz-Vv for guix-patches@gnu.org; Wed, 24 Jan 2024 14:08:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#68675] [PATCH v2] services: dhcp: Support the dhcpcd implementation. Resent-From: soeren@soeren-tempel.net Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 24 Jan 2024 19:08:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 68675 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 68675@debbugs.gnu.org Received: via spool by 68675-submit@debbugs.gnu.org id=B68675.17061232672880 (code B ref 68675); Wed, 24 Jan 2024 19:08:01 +0000 Received: (at 68675) by debbugs.gnu.org; 24 Jan 2024 19:07:47 +0000 Received: from localhost ([127.0.0.1]:46581 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rSibD-0000kO-0g for submit@debbugs.gnu.org; Wed, 24 Jan 2024 14:07:47 -0500 Received: from magnesium.8pit.net ([45.76.88.171]:6429) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rSibA-0000kF-9z; Wed, 24 Jan 2024 14:07:45 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; s=opensmtpd; bh=AEE2kL6maT 2l8IYJpzF+ET0FejjYFPGKlkYKRWcHyBc=; h=references:in-reply-to:date: subject:to:from; d=soeren-tempel.net; b=RfdCZ4Fulz5aQPEPVTYUck9LPkIKLF IQ5LgYPAIpUFz7rBEbF1HuXBcg4HZA0rAEM9MA2N7sLoRQnZ3CfmzkX6J3K6vU35aixzxF PCgNEgR5GFcpprGehR66J3R/tBq/vgYQhQqGbGbU0V7Yqk+pF+S5W8wigbZ/lbYEh98uX1 I= Received: from localhost (dynamic-2a02-3102-49da-001b-a26a-e6c8-9697-b50f.310.pool.telefonica.de [2a02:3102:49da:1b:a26a:e6c8:9697:b50f]) by magnesium.8pit.net (OpenSMTPD) with ESMTPSA id 66f70464 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:YES); Wed, 24 Jan 2024 20:07:38 +0100 (CET) From: soeren@soeren-tempel.net Date: Wed, 24 Jan 2024 20:05:13 +0100 Message-ID: <5aff02159575834de675684dfde71d2ec66f4b10.1706123111.git.soeren@soeren-tempel.net> X-Mailer: git-send-email 2.43.0 In-Reply-To: <2156325d2caa8d4298c9828d84fa5fff40592da4.1706123111.git.soeren@soeren-tempel.net> References: <2156325d2caa8d4298c9828d84fa5fff40592da4.1706123111.git.soeren@soeren-tempel.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Scanner: mx10.migadu.com X-Spam-Score: -4.57 X-Migadu-Queue-Id: 1A778B223 X-Migadu-Spam-Score: -4.57 X-TUID: gEpSSwHhXOR9 From: Sören Tempel Prior to this commit, the isc-dhcp implementation was the only DHCP implementation supported by dhcp-client-shepherd-service. This is problematic as the ISC implementation has reached end-of-life in 2022(!). As a first step to migrate away from isc-dhcp, this commit adds support for dhcpcd to dhcp-client-shepherd-service. Currently, it has to be enabled explicitly via the package field of the dhcp-client-configuration. In the future, it is intended to become the default to migrate away from isc-dhcp. While at it, also remove isc-dhcp from %base-packages as it is no longer necessarily needed and it will be pulled in by the DHCP client service if required. See also: https://issues.guix.gnu.org/68619 * gnu/services/networking.scm (dhcp-client-shepherd-service): Add support for the dhcpcd client implementation. * gnu/services/networking.scm (dhcp-client-account-service): New procedure. * gnu/services/networking.scm (dhcp-client-service-type): Add optional account-service-type extensions (needed for dhcpcd). * gnu/system.scm (%base-packages-networking): Remove isc-dhcp from %base-packages (will be pulled in by dhcp-client-shepherd-service). Signed-off-by: Sören Tempel --- Changes since v1: * Remove isc-dhcp from %base-packages gnu/services/networking.scm | 84 ++++++++++++++++++++++++++----------- gnu/system.scm | 2 +- 2 files changed, 61 insertions(+), 25 deletions(-) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 495d049728..3621e2bda2 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -316,25 +316,21 @@ (define-record-type* (define dhcp-client-shepherd-service (match-lambda ((? dhcp-client-configuration? config) - (let ((package (dhcp-client-configuration-package config)) - (requirement (dhcp-client-configuration-shepherd-requirement config)) - (provision (dhcp-client-configuration-shepherd-provision config)) - (interfaces (dhcp-client-configuration-interfaces config)) - (pid-file "/var/run/dhclient.pid")) + (let* ((package (dhcp-client-configuration-package config)) + (client-name (package-name package)) + (requirement (dhcp-client-configuration-shepherd-requirement config)) + (provision (dhcp-client-configuration-shepherd-provision config)) + (interfaces (dhcp-client-configuration-interfaces config))) (list (shepherd-service (documentation "Set up networking via DHCP.") (requirement `(user-processes udev ,@requirement)) (provision provision) - ;; XXX: Running with '-nw' ("no wait") avoids blocking for a minute when - ;; networking is unavailable, but also means that the interface is not up - ;; yet when 'start' completes. To wait for the interface to be ready, one - ;; should instead monitor udev events. (start #~(lambda _ - (define dhclient - (string-append #$package "/sbin/dhclient")) + (use-modules (ice-9 popen) + (ice-9 rdelim)) - ;; When invoked without any arguments, 'dhclient' discovers all + ;; When invoked without any arguments, the client discovers all ;; non-loopback interfaces *that are up*. However, the relevant ;; interfaces are typically down at this point. Thus we perform ;; our own interface discovery here. @@ -355,17 +351,40 @@ (define dhcp-client-shepherd-service (_ #~'#$interfaces)))) - (false-if-exception (delete-file #$pid-file)) - (let ((pid (fork+exec-command - ;; By default dhclient uses a - ;; pre-standardization implementation of - ;; DDNS, which is incompatable with - ;; non-ISC DHCP servers; thus, pass '-I'. - ;; . - (cons* dhclient "-nw" "-I" - "-pf" #$pid-file ifaces)))) - (and (zero? (cdr (waitpid pid))) - (read-pid-file #$pid-file))))) + ;; Returns the execution configuration for the DHCP client + ;; selected by the package field of dhcp-client-configuration. + ;; The configuration is a pair of pidfile and execution command + ;; where the latter is a list. + (define exec-config + (case (string->symbol #$client-name) + ((isc-dhcp) + (let ((pid-file "/var/run/dhclient.pid")) + (cons + (cons* (string-append #$package "/sbin/dhclient") + "-nw" "-I" "-pf" pid-file ifaces) + pid-file))) + ((dhcpcd) + ;; For dhcpcd, the utilized pid-file depends on the + ;; command-line arguments. If multiple interfaces are + ;; given, a different pid-file is returned. Hence, we + ;; consult dhcpcd itself to determine the pid-file. + (let* ((cmd (string-append #$package "/sbin/dhcpcd")) + (arg (cons* cmd "-b" ifaces))) + (cons arg + (let* ((pipe (string-join (append arg '("-P")) " ")) + (port (open-input-pipe pipe)) + (path (read-line port))) + (close-pipe port) + path)))) + (else + (error (G_ "unknown 'package' value in dhcp-client-configuration"))))) + + (let ((pid-file (cdr exec-config)) + (exec-cmd (car exec-config))) + (false-if-exception (delete-file pid-file)) + (let ((pid (fork+exec-command exec-cmd))) + (and (zero? (cdr (waitpid pid))) + (read-pid-file pid-file)))))) (stop #~(make-kill-destructor)))))) (package (warning (G_ "'dhcp-client' service now expects a \ @@ -377,10 +396,27 @@ (define dhcp-client-shepherd-service (dhcp-client-configuration (package package)))))) +(define (dhcp-client-account-service config) + (let ((package (dhcp-client-configuration-package config))) + ;; Contrary to other DHCP clients (e.g. dhclient), dhcpcd supports + ;; privilege separation. Hence, we need to create an account here. + (if (string=? "dhcpcd" (package-name package)) + (list (user-group (name "dhcpcd") (system? #t)) + (user-account + (name "dhcpcd") + (group "dhcpcd") + (system? #t) + (comment "dhcpcd daemon user") + (home-directory "/var/empty") + (shell "/run/current-system/profile/sbin/nologin"))) + '()))) + (define dhcp-client-service-type (service-type (name 'dhcp-client) (extensions - (list (service-extension shepherd-root-service-type + (list (service-extension account-service-type + dhcp-client-account-service) + (service-extension shepherd-root-service-type dhcp-client-shepherd-service))) (default-value (dhcp-client-configuration)) (description "Run @command{dhcp}, a Dynamic Host Configuration diff --git a/gnu/system.scm b/gnu/system.scm index 3cd64a5c9f..a7676ec90e 100644 --- a/gnu/system.scm +++ b/gnu/system.scm @@ -917,7 +917,7 @@ (define %base-packages-interactive (define %base-packages-networking ;; Default set of networking packages. - (list inetutils isc-dhcp + (list inetutils iproute wget ;; wireless-tools is deprecated in favor of iw, but it's still what