From: s.karrmann@web.de
To: 46008@debbugs.gnu.org
Subject: [bug#46008] [PATCH] added mdevd, umtps, nsss
Date: Wed, 20 Jan 2021 21:01:36 +0100 [thread overview]
Message-ID: <trinity-cca42c54-1232-4f04-8de6-81df770110c9-1611172896637@3c-app-webde-bap33> (raw)
From 1f47de4ed6a82c7e75560b67cacaff0c4d923f00 Mon Sep 17 00:00:00 2001
From: "S.Karrmann" <S.Karrmann@web.de>
Date: Wed, 20 Jan 2021 20:48:46 +0100
Subject: [PATCH] added mdevd, umtps, nsss
---
gnu/packages/skarnet.scm | 134 +++++++++++++++++++++++++++++++++++++++
1 file changed, 134 insertions(+)
diff --git a/gnu/packages/skarnet.scm b/gnu/packages/skarnet.scm
index 51be1a30e8..8f66b5ad99 100644
--- a/gnu/packages/skarnet.scm
+++ b/gnu/packages/skarnet.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2017 Z. Ren <zren@dlut.edu.cn>
;;; Copyright © 2018–2021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2021 Dr. Stefan Karrmann <S.Karrmann@web.de>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -368,3 +369,136 @@ all the details.")))
"s6-linux-utils is a set of minimalistic Linux-specific system utilities,
such as @command{mount}, @command{umount}, and @command{chroot} commands,
Linux uevent listeners, a @command{devd} device hotplug daemon, and more.")))
+
+(define-public mdevd
+ (package
+ (name "mdevd")
+ (version "0.1.3.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://skarnet.org/software/mdevd/mdevd-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "0spvw27xxd0m6j8bl8xysmgsx18fl769smr6dsh25s2d5h3sp2dy"))))
+ (build-system gnu-build-system)
+ (inputs `(("skalibs" ,skalibs)
+ ("execline" ,execline)))
+ (arguments
+ '(#:configure-flags (list
+ (string-append "--with-lib="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs")
+ (string-append "--with-sysdeps="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs/sysdeps"))
+ #:tests? #f)) ; no tests exist
+ (home-page "https://skarnet.org/software/mdevd")
+ (license isc)
+ (synopsis "A small daemon managing kernel hotplug events, similarly to udevd")
+ (description
+ "It uses the same configuration file as mdev, which is a hotplug
+manager integrated in the Busybox suite of tools. However, mdev needs
+to be registered in /proc/sys/kernel/hotplug, and the kernel forks an
+instance of mdev for every event; by contrast, mdevd is a daemon and
+does not fork.
+
+The point of mdevd is to provide a drop-in replacement to mdev that
+does not fork, so it can handle large influxes of events at boot time
+without a performance drop. mdevd is designed to be entirely
+compatible with advanced mdev usage such as mdev-like-a-boss.")))
+
+(define-public utmps
+ (package
+ (name "utmps")
+ (version "0.1.0.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://skarnet.org/software/utmps/utmps-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "09p0k2sgxr7jlsbrn66fzvzf9zxvpjp85y79xk10hxjglypszyml"))))
+ (build-system gnu-build-system)
+ (inputs `(("skalibs" ,skalibs)
+ ("s6" ,s6)))
+ (arguments
+ '(#:configure-flags (list
+ (string-append "--with-lib="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs")
+ (string-append "--with-sysdeps="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs/sysdeps"))
+ #:tests? #f)) ; no tests exist
+ (home-page "https://skarnet.org/software/utmps")
+ (license isc)
+ (synopsis "Implementation of the utmpx.h family of functions performing user accounting on Unix systems")
+ (description
+ "Traditionally, utmp functionality is provided by the system's libc.
+However, not all libcs implement utmp: for instance the musl libc, on
+Linux, does not. The main reason for it is that utmp functionality is
+difficult to implement in a secure way; in particular, it is
+impossible to implement without either running a daemon or allowing
+arbitrary programs to tamper with user accounting.
+
+utmps is a secure implementation of user accounting, using a daemon as
+the only authority to manage the utmp and wtmp data; programs running
+utmp functions are just clients to this daemon.")))
+
+(define-public nsss
+ (package
+ (name "nsss")
+ (version "0.1.0.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://skarnet.org/software/nsss/nsss-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "15rxbwf16wm1la079yr2xn4bccjgd7m8dh6r7bpr6s57cj93i2mq"))))
+ (build-system gnu-build-system)
+ (inputs `(("skalibs" ,skalibs)
+ ("s6" ,s6)))
+ (arguments
+ '(#:configure-flags (list
+ (string-append "--with-lib="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs")
+ (string-append "--with-sysdeps="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs/sysdeps"))
+ #:tests? #f)) ; no tests exist
+ (home-page "https://skarnet.org/software/nsss")
+ (license isc)
+ (synopsis "subset of the pwd.h, group.h and shadow.h family of functions, performing user database access on Unix systems")
+ (description
+ "Usually, user database access via getpwnam() and similar function is
+provided by the system's libc. However, not all libcs implement a
+configurable backend for the user/group database. For instance the
+musl libc, on Linux, only supports the standard /etc/passwd mechanism;
+it also supports the nscd protocol but this is not quite enough:
+
+musl only connects to nscd when it cannot find an answer in its files backend
+The nscd protocol does not support enumeration, so primitives
+such as getpwent() cannot be implemented over nscd.
+
+The mechanism used by glibc, called Name Service Switch
+(abbreviated to nsswitch or NSS), has its own set of issues
+that makes it unsuitable in certain situations.
+
+nsss is a secure implementation of a \"name service switch\":
+configurable user/group/shadow database access, providing
+getpwnam() et al. functionality by communicating over a Unix
+domain socket with a daemon; the daemon can perform lookups in
+any database it chooses.
+
+nsss does not perform dynamic module loading, only adds a
+small footprint to the application's binary, and does not add
+any complex decision engine into the client's address space.
+Applications can be statically linked against the nsss
+library, and still benefit from configurable user database
+access functions.")))
--
2.29.2
reply other threads:[~2021-01-20 22:14 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=trinity-cca42c54-1232-4f04-8de6-81df770110c9-1611172896637@3c-app-webde-bap33 \
--to=s.karrmann@web.de \
--cc=46008@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).