From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id OFipG9UsaWVeXAAA9RJhRA:P1 (envelope-from ) for ; Fri, 01 Dec 2023 01:46:13 +0100 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id OFipG9UsaWVeXAAA9RJhRA (envelope-from ) for ; Fri, 01 Dec 2023 01:46:13 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 882FC5E7BC for ; Fri, 1 Dec 2023 01:46:12 +0100 (CET) Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lease-up.com header.s=2017 header.b="P/OQnjJ3"; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1701391573; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=l5vCiGRHJFe4dC9AC3VJRTRyg2qWKF17hixRei/nKjU=; b=ZUCq6LyNRdMieWeWgjRChV1Ls/id9hBZbzTWNj0EG90xMcVU6um2DpyLRemPDX5xhGSMqA b0Ld4h162BSt8k3CUUxNY+RJoUz6rDprp6RSfFofShOLJue91XquBYr7A8lXGfkGIHzpcr k2hqEWNcMAZuPSvg5iuCSchFGGStKH9OsGgdvgIr9v8Qd76LsRdAy8CFSNyx+hmQnAsqkq ZIATQLdzo2ApikCIdCMk3XEJetTceh0uheoZVn2JvX2vq9R+yUJL8m8arKBWYCNUnipRxC Xp993YfPi+NATkGLVeqHSeU2CsIClUSprdu15fwJ/EM+LvCPx3a8CLufdYqCjA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lease-up.com header.s=2017 header.b="P/OQnjJ3"; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Seal: i=1; s=key1; d=yhetil.org; t=1701391573; a=rsa-sha256; cv=none; b=MfYe9pAc1m9tMoBGw2fAqoejPCDB/MYQj/TE29zU7OrHdt7Qzbo/6LECCSOW76kHJCaYRI ZzcQzpGmpJU8IxDDdX5XLnRItjI4hn8yFQ7bcZn4TSmIGp+3lj6yNvPODTle2ByF8w6uaR eYDOQ5vDvddOvmkaoV3yvpeB/LTUGrcyLZ4JcqLy9QjhWd6Ltrvgh71kaEIpNyuTPYOrtS 2gD+PHQG/Vl3rxRR8+qY16Mq1w8waJlpT50Xva9QLCJ9ACQ136lpF3/6cfqkoYnjxK28bx yYddrCXAAJSsSXiBOZNtdcIA6U054xuUX31AxbWp/eh6xiUTIh/WygqswTxisw== Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1r8rfH-0007an-Jy; Thu, 30 Nov 2023 19:45:55 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r8rfG-0007Zw-5e for guix-patches@gnu.org; Thu, 30 Nov 2023 19:45:54 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1r8rfF-0002fw-PO for guix-patches@gnu.org; Thu, 30 Nov 2023 19:45:53 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1r8rfO-0008RM-0d for guix-patches@gnu.org; Thu, 30 Nov 2023 19:46:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#67555] [PATCH 1/2] services: kerberos.scm: Rename krb5-service-type and krb5-configuration. Resent-From: Felix Lechner Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 01 Dec 2023 00:46:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 67555 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 67555@debbugs.gnu.org Cc: Felix Lechner Received: via spool by 67555-submit@debbugs.gnu.org id=B67555.170139154832412 (code B ref 67555); Fri, 01 Dec 2023 00:46:01 +0000 Received: (at 67555) by debbugs.gnu.org; 1 Dec 2023 00:45:48 +0000 Received: from localhost ([127.0.0.1]:54763 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r8rfA-0008Qh-9Z for submit@debbugs.gnu.org; Thu, 30 Nov 2023 19:45:48 -0500 Received: from sail-ipv4.us-core.com ([208.82.101.137]:60898) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r8rf8-0008QZ-A7 for 67555@debbugs.gnu.org; Thu, 30 Nov 2023 19:45:47 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; s=2017; bh=5Ay5GIgtBpEOjs3 0ZAwBJLf93Kk+UFpi2OEqz7wER9M=; h=references:in-reply-to:date:subject: cc:to:from; d=lease-up.com; b=P/OQnjJ34APwSk0YRdkhJO3Q1T09xNJmKoeecKHp cU0zQeKV4romXn1zc9BxGXgtS/DembtjIkJheXAEBZ9qxP7RHLP/np/hOHJ2Y+YZT/uDCn wbR9DRKIYsxBQiBJM+0vgI/HxFtHL2WEKzDyp8N8kVgbN0bzJmM07JWzwzY7c= Received: by sail-ipv4.us-core.com (OpenSMTPD) with ESMTPSA id 8cdcaadf (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO); Fri, 1 Dec 2023 00:45:36 +0000 (UTC) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id 9dcd47a8; Fri, 1 Dec 2023 00:45:36 +0000 (UTC) Date: Thu, 30 Nov 2023 16:45:11 -0800 Message-ID: <7f5ebe249e930c046dafdfc3fb31985d5b820b07.1701390969.git.felix.lechner@lease-up.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Felix Lechner X-ACL-Warn: , Felix Lechner via Guix-patches From: Felix Lechner via Guix-patches via Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Queue-Id: 882FC5E7BC X-Spam-Score: -6.14 X-Migadu-Scanner: mx10.migadu.com X-Migadu-Spam-Score: -6.14 X-TUID: h1zOR+c3EIR2 In preparation for a nearby commit that will add actual Kerberos services to Guix, the older names were made more specific. The original names were misleading and too generic. The krb5-service-type provided no service at all but merely created a file at /etc/krb5.conf that is needed to associate equipment with a Kerberos realm. The original names further suggested that at least some of the needed servers might be started, making it necessary to clarify otherwise in the documentation. Change-Id: I951c16aedcf1141d7d947f984cf89c22d3cc96ce --- doc/guix.texi | 16 ++++++++-------- gnu/services/kerberos.scm | 19 ++++++++++++++----- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 1fd2e21608..a5119d2058 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -29963,10 +29963,10 @@ Kerberos Services @subsection Kerberos Services @cindex Kerberos -The @code{(gnu services kerberos)} module provides services relating to -the authentication protocol @dfn{Kerberos}. +@subsubheading Krb5 Association Service -@subsubheading Krb5 Service +The @code{(gnu services kerberos)} module provides miscellaneous +services relating to the authentication protocol @dfn{Kerberos}. Programs using a Kerberos client library normally expect a configuration file in @file{/etc/krb5.conf}. @@ -29978,15 +29978,15 @@ Kerberos Services This service is known to work with the MIT client library, @code{mit-krb5}. Other implementations have not been tested. -@defvar krb5-service-type +@defvar krb5-association-service-type A service type for Kerberos 5 clients. @end defvar @noindent Here is an example of its use: @lisp -(service krb5-service-type - (krb5-configuration +(service krb5-association-service-type + (krb5-association-configuration (default-realm "EXAMPLE.COM") (allow-weak-crypto? #t) (realms (list @@ -30010,7 +30010,7 @@ Kerberos Services @item Accepts services which only support encryption types known to be weak. @end itemize -The @code{krb5-realm} and @code{krb5-configuration} types have many fields. +The @code{krb5-realm} and @code{krb5-association-configuration} types have many fields. Only the most commonly used ones are described here. For a full list, and more detailed explanation of each, see the MIT @uref{https://web.mit.edu/kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html,,krb5.conf} @@ -30035,7 +30035,7 @@ Kerberos Services @end table @end deftp -@deftp {Data Type} krb5-configuration +@deftp {Data Type} krb5-association-configuration @table @asis @item @code{allow-weak-crypto?} (default: @code{#f}) diff --git a/gnu/services/kerberos.scm b/gnu/services/kerberos.scm index a6f540a9b6..ec9b6c10b5 100644 --- a/gnu/services/kerberos.scm +++ b/gnu/services/kerberos.scm @@ -20,6 +20,7 @@ (define-module (gnu services kerberos) #:use-module (gnu services) #:use-module (gnu services configuration) #:use-module (gnu system pam) + #:use-module (guix deprecation) #:use-module (guix gexp) #:use-module (guix records) #:use-module (srfi srfi-1) @@ -33,6 +34,10 @@ (define-module (gnu services kerberos) krb5-realm krb5-realm? + krb5-association-configuration + krb5-association-configuration? + krb5-association-service-type + krb5-configuration krb5-configuration? krb5-service-type)) @@ -228,7 +233,7 @@ (define-configuration krb5-realm ;; For a more detailed explanation of these fields see man 5 krb5.conf -(define-configuration krb5-configuration +(define-configuration krb5-association-configuration (allow-weak-crypto? (boolean/unset unset-field) "If true, permits access to services which only offer weak encryption.") @@ -394,20 +399,20 @@ (define-configuration krb5-configuration "The list of realms which clients may access.")) -(define (krb5-configuration-file config) +(define (krb5-association-configuration-file config) "Create a Kerberos 5 configuration file based on CONFIG" (mixed-text-file "krb5.conf" "[libdefaults]\n\n" (with-output-to-string (lambda () (serialize-configuration config - krb5-configuration-fields))))) + krb5-association-configuration-fields))))) (define (krb5-etc-service config) - (list `("krb5.conf" ,(krb5-configuration-file config)))) + (list `("krb5.conf" ,(krb5-association-configuration-file config)))) -(define krb5-service-type +(define krb5-association-service-type (service-type (name 'krb5) (extensions (list (service-extension etc-service-type @@ -416,6 +421,10 @@ (define krb5-service-type normally expect a configuration file in @file{/etc/krb5.conf}. This service generates such a file. It does not cause any daemon to be started."))) +(define-deprecated krb-configuration krb5-association-configuration) +(define-deprecated krb-configuration? krb5-association-configuration?) +(define-deprecated krb-service-type krb5-association-service-type) + (define-record-type* -- 2.41.0