From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id 8D3qLbb7z15hHAAA0tVLHw (envelope-from ) for ; Thu, 28 May 2020 17:58:14 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id +HLyKbb7z17OfgAA1q6Kng (envelope-from ) for ; Thu, 28 May 2020 17:58:14 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 3FF119404C8 for ; Thu, 28 May 2020 17:58:14 +0000 (UTC) Received: from localhost ([::1]:36662 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jeMnF-0007Cw-7n for larch@yhetil.org; Thu, 28 May 2020 13:58:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55284) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jeMn4-0007Cg-4I for guix-patches@gnu.org; Thu, 28 May 2020 13:58:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:41430) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jeMn3-0007AP-RG for guix-patches@gnu.org; Thu, 28 May 2020 13:58:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jeMn3-0007dg-O6 for guix-patches@gnu.org; Thu, 28 May 2020 13:58:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#41578] [PATCH] gnu: Add opendoas. Resent-From: Tobias Geerinckx-Rice Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 28 May 2020 17:58:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 41578 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Morgan.J.Smith@outlook.com Cc: 41578@debbugs.gnu.org X-Debbugs-Original-Cc: 41578@debbugs.gnu.org, guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.159068863229286 (code B ref -1); Thu, 28 May 2020 17:58:01 +0000 Received: (at submit) by debbugs.gnu.org; 28 May 2020 17:57:12 +0000 Received: from localhost ([127.0.0.1]:52973 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jeMmG-0007cI-3R for submit@debbugs.gnu.org; Thu, 28 May 2020 13:57:12 -0400 Received: from lists.gnu.org ([209.51.188.17]:38620) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jeMmF-0007cB-0O for submit@debbugs.gnu.org; Thu, 28 May 2020 13:57:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55126) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jeMmE-0006zJ-H5 for guix-patches@gnu.org; Thu, 28 May 2020 13:57:10 -0400 Received: from tobias.gr ([2a02:c205:2020:6054::1]:35508) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jeMmC-0006Zi-F9 for guix-patches@gnu.org; Thu, 28 May 2020 13:57:09 -0400 Received: by tobias.gr (OpenSMTPD) with ESMTP id b59f4b3a; Thu, 28 May 2020 17:57:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=tobias.gr; h=from:to:cc :subject:references:in-reply-to:date:message-id:mime-version :content-type; s=2018; i=me@tobias.gr; bh=N5/sAt/1TkqvD3Rq+wkkJC +dAz9Zquld5ofMl7f41t4=; b=ARZ9s/+efcRxJpVAkp7s/YnvM3dDY/8PYMX5Z8 MdRyrDGuFoyprwb+C+XC/Prja9HUjF9M+18lgLBPjq/jpj6QXSMrsRW+0+W6F7UN e0sr/qXaE0KVV4FjbpuCNCBoBDi1xtLvX51/GmbZOW34G3HwkFUtDzgCzHtyCbt1 PBfyBWsFMXBI3bjas4LygG5TRe0ivGfm/oYag0JbFVzE0qK7Nu6o4Wn06fbwhXWq a+0vqURH0Q93JUjzEcJUxuDjw+klHLzS0sgDkLiDV4iBvIaNis0FDbXYanVdjpBA xk3aFolgOHnC6eydb2nX19fiUcV+vxSp+fO/I479qSfvOpxQ== Received: by submission.tobias.gr (OpenSMTPD) with ESMTPSA id 1ecea122 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Thu, 28 May 2020 17:57:06 +0000 (UTC) References: In-reply-to: Date: Thu, 28 May 2020 19:57:03 +0200 Message-ID: <875zcg3pu8.fsf@nckx> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=2a02:c205:2020:6054::1; envelope-from=me@tobias.gr; helo=tobias.gr X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-Spam-Score: -1.4 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -2.4 (--) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" Reply-to: Tobias Geerinckx-Rice , Tobias Geerinckx-Rice via Guix-patches From: Tobias Geerinckx-Rice via Guix-patches via X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=tobias.gr header.s=2018 header.b=ARZ9s/+e; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: -1.61 X-TUID: qGhFPug7y0vZ --=-=-= Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Morgan, Morgan.J.Smith@outlook.com =E5=86=99=E9=81=93=EF=BC=9A > * gnu/packages/admin.scm (opendoas): New variable. Thank you! It looks good to me. I've queued it locally with the=20 (minor) changes below, but will wait a few days for=20 to land if that's all right=20 with you. I also need to test it as a proper setuid programme. > +(define-public opendoas > + (package > + (name "opendoas") > + (version "6.6.1") > + (source (origin > + (method git-fetch) > + (uri (git-reference > + (url=20 > "https://github.com/Duncaen/OpenDoas.git") > + (commit (string-append "v" version)))) > + (file-name (git-file-name name version)) > + (sha256 > + (base32 > +=20 > "07kkc5729p654jrgfsc8zyhiwicgmq38yacmwfvay2b3gmy728zn")))) > + (build-system gnu-build-system) > + (arguments (let* ((target (%current-target-system)) I've added a newline after =E2=80=98arguments=E2=80=99 to give your phases = (and=20 helpful comments) some room to breathe and keep lines from=20 exceeding 80 characters. It's mainly a matter of preference.=20 Since I'm reviewing this so you're stuck with my preference. > + (compiler (if target > + (string-append target=20 > "-gcc") > + "gcc"))) > + `(#:phases > + (modify-phases %standard-phases > + ;; We replace the configure phase in order=20 > to remove all the > + ;; default flags. The configure script=20 > doesn't accept most > + ;; of the default flags I shortened this to the last sentence and added a full stop here=E2=80=A6 > + (replace 'configure > + (lambda* (#:key configure-flags=20 > #:allow-other-keys) > + ;; The configure script can only be=20 > told which > + ;; compiler to use through environment=20 > variables =E2=80=A6and here. ;;-style comments are full sentences, unlike ;-ones. > + (add-before 'install 'fix-makefile > + (lambda* (#:key outputs=20 > #:allow-other-keys) > + ;; We can't chown to root as the=20 > chroot doesn't have > + ;; this user. Also the store is owned=20 > by root so this > + ;; isn't necessary. All true, but so common a change in Guix that it's not worth a=20 comment. > + (substitute* "bsd.prog.mk" > + (("^\tchown.*$") ""))))) Phases need to end in truth so I've added a #t here. We get away=20 without one in the previous phase because INVOKE itself is=20 guaranteed to return #t. > + #:configure-flags (list (string-append=20 > "--prefix=3D" %output) > + (string-append=20 > "--target=3D" (or ,target "")) It didn't look to me like this was used for anything, and quoting=20 Morgan on IRC: ya, the configure script really doesn't do a damn=20 thing with target. But in the future it might save someone some=20 time. > + ;; Compiler choice is not carried over from=20 > the configure script. > + #:make-flags (list (string-append "CC=3D"=20 > ,compiler)) I agree that it's nice to save future maintainers the trouble of=20 retracing your steps but don't like the idea of sleeper code.=20 I'll keep them as comments. > + ;; There are no tests provided > + #:tests? #f))) Changed to the equivalent but more conventional #:tests? #f))) ; no test suite > + (native-inputs `(("bison" ,bison))) Added a trivial newline before `. > + (home-page "https://github.com/Duncaen/OpenDoas") > + (synopsis "Portable version of OpenBSD's doas command") > + (description "Doas is a minimal replacement for the=20 > venerable sudo. It was > +initially written by Ted Unangst of the OpenBSD project to=20 > provide 95% of the > +features of sudo with a fraction of the codebase.") Thanks for including a multi-line description! Won't stop me from=20 trying to expand it some more. > + (license license:isc))) Not surprisingly, libbsd/ is under a 3-clause BSD licence. I=20 added it. > --- a/gnu/system.scm > +++ b/gnu/system.scm > @@ -896,6 +896,7 @@ use 'plain-file' instead~%") > (file-append inetutils "/bin/ping6") > (file-append sudo "/bin/sudo") > (file-append sudo "/bin/sudoedit") > + (file-append opendoas "/bin/doas") > (file-append fuse "/bin/fusermount") >=20=20 > ;; To allow mounts with the "user" option, "mount"=20 > and "umount" must This would be a separate patch. However, this would install doas=20 on almost all systems. I think the default list should contain=20 only the minimal defaults, and I don't see doas being a must-have=20 %base-package any time soon. Kind regards, T G-R --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQT12iAyS4c9C3o4dnINsP+IT1VteQUCXs/7bwAKCRANsP+IT1Vt eTPcAQDYdGslHS5kjbGlUFnIn91e6PaL1o7ZXa64OKl3txZqDQEAqoAQQQ9pUWr/ gNuPToBQiaqCyBj6x30jhoMfVUGFSQY= =PZ67 -----END PGP SIGNATURE----- --=-=-=--