From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id IF2UG9crdGYTHAEAe85BDQ:P1 (envelope-from ) for ; Thu, 20 Jun 2024 13:17:11 +0000 Received: from aspmx1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id IF2UG9crdGYTHAEAe85BDQ (envelope-from ) for ; Thu, 20 Jun 2024 15:17:11 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=ikherbers.com header.s=strato-dkim-0002 header.b=Q9ka9v00; dkim=fail ("headers eddsa verify failed") header.d=ikherbers.com header.s=strato-dkim-0003 header.b="TjCF1LB/"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; arc=reject ("signature check failed: fail, {[1] = sig:strato.com:reject}") ARC-Seal: i=2; s=key1; d=yhetil.org; t=1718889431; a=rsa-sha256; cv=fail; b=GRTc+R+TzLFZFvlM4KZHJSQf44CE9NgWq3h+K3LH1lO+iLxUuAHEMIszkWSHHt6iB7yJo3 Sif3MK0N2S1B6iNayYKLo29aZhOWSNFNSU8qu6zTlMJjSfgUqHwBpnUEp1go7kXakSxqvQ 9X6Zg8rkmuYyKlrH/E+GglT4aQdoGSN/G+hNywJxN79q4E+XrKXn5C4m4xmFsd1roLn4pd RVWj6WvDpWQtGh+sjR1GSDea/fLMs9Nxocu+B+yaOZyOk0aR5jyNQp7Qp+2oVdL2wCBcSy nC/7AVTtBxKh0oh9Hq2Y6StrNwJ4Qq25BdfXV5lqRuR75g55A6J/P9cgVG1W3g== ARC-Authentication-Results: i=2; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=ikherbers.com header.s=strato-dkim-0002 header.b=Q9ka9v00; dkim=fail ("headers eddsa verify failed") header.d=ikherbers.com header.s=strato-dkim-0003 header.b="TjCF1LB/"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; arc=reject ("signature check failed: fail, {[1] = sig:strato.com:reject}") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1718889431; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=BhKvs6VW+6nkIxIZjK2IGjhDb71jB9q0sJbaydSOswM=; b=q2TOaoSX7PBCXNqIUMq2plhBLaJG6Xu4yyqGrYsnNyBsCUZsCAk/0xa4vMhLNuLwYfANLI K+mt+lezSEBvP2hy7Z7Pu9ejJbU89Qz3TeuTSJoyUYWtfaC3XBRaXHuEnuyyIEkOH/pN4+ qQIViqmVfF6GoPylMGx9tLmVexM9veF4V5h8VhsmiL2Nba7dwrNxwr1zl2w4FBn9D5wAzi gwQ5OySqJKW72MXMsTCD1OXgv/7jjy6DxxMLNNXopKToCtbcOj8tjxMVEyYT9c2ijlJPFy 5jmN3Ww1qIZ61H5gqDMRu1JngIIoSXtM8KZVJWgypAsi43epfwv8p8q0Jf8UhQ== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 18F126A615 for ; Thu, 20 Jun 2024 15:17:11 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sKHeu-0000lG-Hl; Thu, 20 Jun 2024 09:17:00 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sKHes-0000jX-Nu for guix-patches@gnu.org; Thu, 20 Jun 2024 09:16:58 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sKHes-0000No-Dm for guix-patches@gnu.org; Thu, 20 Jun 2024 09:16:58 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1sKHew-0008F1-7g for guix-patches@gnu.org; Thu, 20 Jun 2024 09:17:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#71594] [PATCH] file-systems: Allow specifying CIFS credentials in a file. Resent-From: vicvbcun Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 20 Jun 2024 13:17:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 71594 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Richard Sent Cc: 71594@debbugs.gnu.org Received: via spool by 71594-submit@debbugs.gnu.org id=B71594.171888940431641 (code B ref 71594); Thu, 20 Jun 2024 13:17:02 +0000 Received: (at 71594) by debbugs.gnu.org; 20 Jun 2024 13:16:44 +0000 Received: from localhost ([127.0.0.1]:56304 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sKHed-0008EH-J4 for submit@debbugs.gnu.org; Thu, 20 Jun 2024 09:16:43 -0400 Received: from mo4-p00-ob.smtp.rzone.de ([85.215.255.22]:39901) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1sKHeb-0008E1-BL for 71594@debbugs.gnu.org; Thu, 20 Jun 2024 09:16:42 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1718889392; cv=none; d=strato.com; s=strato-dkim-0002; b=jzpygK/UDQpz7t7+ZyBnNqlMuUqudPkFm/IV87ixWOBr93c5F+pzvkB002/kH8gJ8D mYzAlcD3f92sBVXb66V9zfc+w+IPVd3DBWaeP1FCkp54J2+uDvZfH0J5M40xRzLrEf1v DeJVa1y8Q2fdkW9beG04fRzNYRD/yA4dzNToaq54UmJo6Lbsq5zq+IR2XLruLcvDbk4s OJhlxKPPBKBBvGkvcapURamVJhLDfwI3wsyllYijhXU1z5N3fVmldUqRW/uX4R9QXKra BuDrJiPWE6XUQIqUAkjAc41Is04/MwdthdtCQrbqtfqEdREk/7YfEQav6XEeXAy65jKE Uf+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; t=1718889392; s=strato-dkim-0002; d=strato.com; h=In-Reply-To:References:Message-ID:Subject:Cc:To:From:Date:Cc:Date: From:Subject:Sender; bh=BhKvs6VW+6nkIxIZjK2IGjhDb71jB9q0sJbaydSOswM=; b=mS25cVfxWkavcvEdYvntDOGIH7B1mBMASrTeHHb6oXYyls/2eMmHVEA3T7lC9h1i4L n33uHIeRroBr8zKpnWs1a02BVWBeDZvFH3j3CylDjquSojDMpErKo24QjTj5bvFxlKAY 7wlZEjKyoocxihJrVR/i1E0Gt6foF7fe6clNjq1tVgIziC7yZqjYQoEPIau5ndKWIRgw XBt+LAIZUk2iK8UrdNX/zB22orJbhjg+U346GXEXhHmyMBor7WcZL8seFhDdukZL+Q+V 9JwMTDYHnTZeMn6LWcDmGVFSiK5Yk4pYRfL0Fj7ar7eabHv5pNUJ9XrgMgprk5AXHWtw dLMg== ARC-Authentication-Results: i=1; strato.com; arc=none; dkim=none X-RZG-CLASS-ID: mo00 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1718889392; s=strato-dkim-0002; d=ikherbers.com; h=In-Reply-To:References:Message-ID:Subject:Cc:To:From:Date:Cc:Date: From:Subject:Sender; bh=BhKvs6VW+6nkIxIZjK2IGjhDb71jB9q0sJbaydSOswM=; b=Q9ka9v00K4G/+1Bi0JxFPNqbakMd5AQcLnjPj+WmjV5ri+//YPsX5WrnjBp+ckpTJn d1RgUgpPOczTFVBz6sbCEhNwQ6LPmaPYBxXk2HP9J3X3pNRxK82qFwXC59hJOw3JcrRD uN1b4xdzikdpH1axjWK96JUtTV/ymCdHzwxcfWlKnJwoN69zXqE4qIh85shQlljdT1LO jPf1Ijnf+qk0YOkiji+WN7ORnw0ERKk30jcf65gGMIO+ctq0K5VwVNrXKPyd+1k/vZny x1vM2cJIjYuzSO8RHQ1VOOFdX/tVcPxRXBFQXeORX14vWkXin8Me/C3r0g6XgUsTPUJs UQ0g== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; t=1718889392; s=strato-dkim-0003; d=ikherbers.com; h=In-Reply-To:References:Message-ID:Subject:Cc:To:From:Date:Cc:Date: From:Subject:Sender; bh=BhKvs6VW+6nkIxIZjK2IGjhDb71jB9q0sJbaydSOswM=; b=TjCF1LB/HauULEgmNd9X7plgjxXnPtH+3O0Wt4I7RuEyBqdAgdj7XJbNTH6CskPFDa nxzqfh/Dfe4VnarL+UDA== X-RZG-AUTH: ":IUwNfkitaf3qOWm2b/jA5tveVwUUcwH3PkiYp6DPxTDDEo4xO9SmHnazdiAbr2Pc6C1TBA==" Received: from lambda.localdomain by smtp.strato.de (RZmta 50.5.0 DYNA|AUTH) with ESMTPSA id 507f1505KDGWju4 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits)) (Client did not present a certificate); Thu, 20 Jun 2024 15:16:32 +0200 (CEST) Date: Thu, 20 Jun 2024 15:16:32 +0200 From: vicvbcun Message-ID: References: <434a45cea2afc5e4de5af5b15bc732b7587a979a.1718550930.git.guix@ikherbers.com> <877cem1hk1.fsf@freakingpenguin.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <877cem1hk1.fsf@freakingpenguin.com> X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -3.86 X-Migadu-Scanner: mx12.migadu.com X-Spam-Score: -3.86 X-Migadu-Queue-Id: 18F126A615 X-TUID: 1UpJOcG3Mb6e Hi, thanks for the review! On 2024-06-18T09:55:42-0400, Richard Sent wrote: > [...] > I'd personally rename this to read-cifs-credential-file or > cifs-read-credential-file if it's only used with cifs. done > You may be able to make this more compact by following a structure > similar to authorized-shell-directory? in (guix scripts shell). I rewrote it using `match'; while not more compact, I like it more. > I believe CIFS will add a password2 mount option in 6.9.4 [1]. We should > check if mount.cifs supports putting that option in the credentials file > and match their behavior. If that's too much an ask (Guix's mount.cifs > may not be new enough), I think a comment or proactive bug report is > appropriate. If my understanding is correct, the `password2' option is just a way to supply an additional password the kernel may use when rotating passwords. Looking at the latest version of mount.cifs[0], it doesn't seem to handle `password2' intentionally: Passing `password2' on the command line should work, but only because the return value of `parse_opt_token' is not checked for `OPT_ERROR'; in a credentials file it is accepted (as `parse_cred_line' only checks for a "pass" prefix) but passed as `password' instead. I think that being able to specify `password2' in a credentials file makes sense and my patch doesn't forbid it. If exposing an interface identical to that of `mount.cifs' and preserving the exact semantics (e.g `mount.cifs' complains when multiple passwords are specified and takes the first one) is the ultimate goal, I'd just shell out to `mount.cifs'. I certainly won't implement all the idiosyncrasies :). 0: https://git.samba.org/?p=cifs-utils.git;a=blob;f=mount.cifs.c;h=3b7a6b3c22e8c3b563c7ea92ecb9891fdfac01a6;hb=refs/heads/for-next > > + (credential-file (and=> (string-match "(^|,)(credentials|cred)=([^,]+)(,|$)" options) > > Line's a bit long, can we add a newline before options? done > > + (string-join (read-credential-file credential-file) "," 'prefix) > > Ditto with ",". done > Otherwise looks good to me. Thanks, with this I think we handle every > mount option the same way as mount.cifs. 😄 > > [1]: https://sambaxp.org/fileadmin/user_upload/sambaxp2024-Slides/sxp24-French-accessing_remote.pdf, > slide 25 > > -- > Take it easy, > Richard Sent > Making my computer weirder one commit at a time. vicvbcun