From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id 2KROJbiXW2APxQAAgWs5BA (envelope-from ) for ; Wed, 24 Mar 2021 20:49:12 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id T5PWILiXW2C6OAAAbx9fmQ (envelope-from ) for ; Wed, 24 Mar 2021 19:49:12 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 078DB11060 for ; Wed, 24 Mar 2021 20:49:12 +0100 (CET) Received: from localhost ([::1]:60992 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lP9V9-0000VY-6p for larch@yhetil.org; Wed, 24 Mar 2021 15:49:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:33700) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lP9V0-0000VI-Mi for guix-patches@gnu.org; Wed, 24 Mar 2021 15:49:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:52824) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lP9V0-0004tl-El for guix-patches@gnu.org; Wed, 24 Mar 2021 15:49:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lP9V0-0002xr-DB for guix-patches@gnu.org; Wed, 24 Mar 2021 15:49:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#47364] [PATCH 2/2] services: slim: Add pam-gnupg support. Resent-From: Oleg Pykhalov Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 24 Mar 2021 19:49:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47364 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Maxime Devos Cc: 47364@debbugs.gnu.org Received: via spool by 47364-submit@debbugs.gnu.org id=B47364.161661530511335 (code B ref 47364); Wed, 24 Mar 2021 19:49:02 +0000 Received: (at 47364) by debbugs.gnu.org; 24 Mar 2021 19:48:25 +0000 Received: from localhost ([127.0.0.1]:36137 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lP9UP-0002wl-AS for submit@debbugs.gnu.org; Wed, 24 Mar 2021 15:48:25 -0400 Received: from mail-lj1-f179.google.com ([209.85.208.179]:46704) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lP9UN-0002wT-1O for 47364@debbugs.gnu.org; Wed, 24 Mar 2021 15:48:23 -0400 Received: by mail-lj1-f179.google.com with SMTP id u20so102404lja.13 for <47364@debbugs.gnu.org>; Wed, 24 Mar 2021 12:48:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=beca2QewKkrCQkvL4D88G8qPnxyivX5Iz20YFR6yswk=; b=sMI0FN4fL8LgD+10PyuATnnuCuprCfSrkvri2ZSFuH9X1MV3IpQbJ2L+evhJCXoWTh /BrbXMzlmRXaM5L9QIA5V5BMrdRarCkqzvZl7MmlSrOI2B/r151SHde9sWRSeVHq+XkE uvc9SdnqTtucAJf++dKJm/RSyPAf5Fbhij6OH2PXXEO1+D3lCQXiFCS1G44SCggUs/Re TP0Y3bfLSMaISvDtUEcNubvYoxhpR1N6HDamgpaheM9iQlos7Y5IVtS50utE3AxVFD2/ VvvMXpuuWdvQlV/wpqo/CD19vmgxrfTTpdq1NDay/li1wUHs/JZbEf12cILbnvcYuEBi RETQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=beca2QewKkrCQkvL4D88G8qPnxyivX5Iz20YFR6yswk=; b=gLUYK7b4Kun2MW1+V9bcwp1kdDQiOKbM9bGUcQv4VF60BWXYsprvsDJ7JB+CkY8vwL 6JTi/DLS18cYPKI4NTexmGlf70g3xWt7s8Aoi3PZDocagYy3izxrJ934oWYtzM2P2fOH +QjFREDpLtLD1xMW0LkeuLiHSyywBZGMeWpgz7ntDpjfwve/POr1hyDSYas4VOTmjLEg kZHEK9fqBMCW1KHgAL5Bs8Jyy7hHWhE/YwY4sFUuzEyFU7Njk0l9yek7caWYw2oMHces Z2dRY8r2Z5PKVyRSNVdb8oPGyMfI+3LkJwalwftH+Ga2ZXLdeOfGAQUFPH5hqujkgJUA 8s1w== X-Gm-Message-State: AOAM532+mrIk/U723ihFcJII4d8EULnk9Rrp8cpONVnfDugIWFtozwnR 8p3y8WOeuhh1DCAHeHwySlvKegTsgrI= X-Google-Smtp-Source: ABdhPJxhKnxUD7B+hFTBxX4cWnxUD0N7Z2ZMzlwBir9C6W2uRbpkyOBbdIv176syVW0aOWD5JFu3bA== X-Received: by 2002:a2e:95c7:: with SMTP id y7mr3076849ljh.499.1616615296438; Wed, 24 Mar 2021 12:48:16 -0700 (PDT) Received: from guixsd ([88.201.161.72]) by smtp.gmail.com with ESMTPSA id s12sm314456lfc.207.2021.03.24.12.48.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Mar 2021 12:48:15 -0700 (PDT) From: Oleg Pykhalov References: <20210324165233.28428-1-go.wigust@gmail.com> <20210324165233.28428-2-go.wigust@gmail.com> <6ca83b55b46c4677a45fd0e026ac14880093ea7f.camel@telenet.be> Date: Wed, 24 Mar 2021 22:48:01 +0300 In-Reply-To: <6ca83b55b46c4677a45fd0e026ac14880093ea7f.camel@telenet.be> (Maxime Devos's message of "Wed, 24 Mar 2021 20:22:43 +0100") Message-ID: <87ft0ks58u.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1616615352; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=beca2QewKkrCQkvL4D88G8qPnxyivX5Iz20YFR6yswk=; b=Nt5vuUteKB49V6ijyohmzx5DHnVdIVn6ozNaIwGudbcmVt8gkZ/DfOtoNaut+6PzkjPFFT Oz+gaXVCXG/5KoHto3ysKLTrjzHnWJHTDtAamlFLfwlzVxWf6lrMPwakLUVwG+fjVc2t3G pCtcH7aH7KEnatkLpRZps4CDszsFVgAHQh+FEMOSKCH1PYswmZAfp2DFSn5cGDuoy2oqU2 oCwQMkHunq6DQDhe2gbINucWrCO/D5CkLpjKzaLSbShqVM5RTDCOMrDQfUqgf5YPDJbU5x TyKEogTRohBROCORLWjGvhpWjxHGs91kdxjHPzlRgyFug3n9hLeSJLTe/8sDrA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1616615352; a=rsa-sha256; cv=none; b=dJBhxSOwQxteQ+3hm2CLZYnUOc6C43rZJvdiUI6ln/bvTtMVhN5Jw0H/cijj9Og38RA0/H wji0q2Xl7OeCFXXP4NPAAVHLdkexaTGfDMHbBpIGo/i93LhRbNpRbvEW5DXo/onHcdSnz2 FRFnzpmk2D1Fq4IOAOsRvqWc5f9InGg+x8TVWsflNtDSuBCxckePGLgPN+3tWlDY2+7WOH km4XlDYJWnSIfvX2gQb0AGV9Xr6UNq+Ux1jPCV9LVElgjhre5DoeRncKzBo7KRuQuO65Dm onqnW88CqQ/bn3OMUVP9/SFuqjSB3g7MgWlEc+e//SGLJ7z/YK/fr8Qdd356TQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=sMI0FN4f; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Spam-Score: -3.42 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=sMI0FN4f; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Migadu-Queue-Id: 078DB11060 X-Spam-Score: -3.42 X-Migadu-Scanner: scn0.migadu.com X-TUID: MlObdBrpzbg9 --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi, Thank you for the review! Maxime Devos writes: > I'm not familiar with PAM, so I can't do much reviewing about that > (seems ok, though I'm no expert). I'm :-) too, but it works for me. [=E2=80=A6] I applied all your suggestions. --=-=-= Content-Type: text/x-patch Content-Disposition: inline Content-Description: allow-root?, gnupg?, documentation diff --git a/gnu/system/pam.scm b/gnu/system/pam.scm index 75edd01908..128b2bb0fe 100644 --- a/gnu/system/pam.scm +++ b/gnu/system/pam.scm @@ -208,14 +208,16 @@ dumped in /etc/pam.d/NAME, where NAME is the name of SERVICE." (env (pam-entry ; to honor /etc/environment. (control "required") (module "pam_env.so")))) - (lambda* (name #:key allow-empty-passwords? (allow-root? #f) motd - login-uid? (gnupg? #f)) + (lambda* (name #:key allow-empty-passwords? allow-root? motd + login-uid? gnupg?) "Return a standard Unix-style PAM service for NAME. When ALLOW-EMPTY-PASSWORDS? is true, allow empty passwords. When ALLOW-ROOT? is true, allow root to run the command without authentication. When MOTD is true, it should be a file-like object used as the message-of-the-day. When LOGIN-UID? is true, require the 'pam_loginuid' module; that module sets -/proc/self/loginuid, which the libc 'getlogin' function relies on." +/proc/self/loginuid, which the libc 'getlogin' function relies on. When +GNUPG? is true, require the 'pam_gnupg.so' module; that module hands over +login password to 'gpg-agent'." ;; See . (pam-service (name name) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Plus in Git commit message =E2=80=9CDon't pass "#f" to "allow-root?" argume= nt, because "lambda*" already does this by default.=E2=80=9D. --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEcjhxI46s62NFSFhXFn+OpQAa+pwFAmBbl3EUHGdvLndpZ3Vz dEBnbWFpbC5jb20ACgkQFn+OpQAa+pzFLxAAydMjfLaAsfO7uvoWl/f51/qCY2R9 JjxB9TbixUbc85a1r7n24nbG9viPOxn7ssuwh5meU5oRkHhjODSxn6tmSXAxkzH4 vcD4XYOG8qJd8m1aMzxHmryVhuubqHbj6OvtpvVRc7+jN2uf4Fr2A0i8kepYut6H rfzEj6AYrCmvrDjFiiBGfFz8buZSZjm5vUFbiF4ZA446lFDoDiKWvx8R8ZTIcI+k ye6V790Aq3DJyp3xnuA788Rlnrvx+jN4jGgK8udqiTR2hPFMuz6IC7GJGZR1B1pj xynB/Ti3vlHyOBuSigL9WlVcjI6X8YC7FYKhkJ5HFt3Vt/uz7IqJHjRiazUVfouc MPBgXLqlR8933kfiFucdF/dd4pQ9ik5UGnr/b2l9C8T08A/VFUEh+jskLsvvlvI6 iYzVw3lm5hY6bylCCzCNtEIrHzjq1R9mgQSebvcIQ6aI3TJI1otMgNwCUeaTbTwB Pw9z0XG3SZw3prveEItUjeqizOkXpfJwzdMpLHRbt/xq9GBn9pAr58hoGUfakogu e4mHmup5m/uSY+RV0whkzZxcnWY7AUXrf9l2nv7iyA3KWs+AEFvh/sOTbI2s11Vh dKzlFJE/5dCFH1O6MXkm533ZKNMr/MHm/+/+kg/F+f50oIZ503uu5jRWecZRZeLo 3HNZ7rvp4grWyrk= =nkjx -----END PGP SIGNATURE----- --==-=-=--