From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([209.51.188.92]:49721) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hdtE6-00033W-0t for guix-patches@gnu.org; Thu, 20 Jun 2019 05:19:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hdt71-00070H-9x for guix-patches@gnu.org; Thu, 20 Jun 2019 05:12:09 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:34309) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hdt6v-0006tS-UP for guix-patches@gnu.org; Thu, 20 Jun 2019 05:12:05 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hdt6v-0004yw-MG for guix-patches@gnu.org; Thu, 20 Jun 2019 05:12:01 -0400 Subject: [bug#36239] [PATCH] opensmtpd-service-type to extend pam Resent-Message-ID: From: Tobias Geerinckx-Rice References: <87sgsaxn6t.fsf@walletsworth.com> <87tvcl1f76.fsf@gnu.org> <87tvclqdsd.fsf@walletsworth.com> In-reply-to: <87tvclqdsd.fsf@walletsworth.com> Date: Thu, 20 Jun 2019 11:11:50 +0200 Message-ID: <87k1dgsjs9.fsf@nckx> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Ludovic =?UTF-8?Q?Court=C3=A8s?= , Kristofer Buffington Cc: 36239@debbugs.gnu.org --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; format=flowed Kristofer, Ludo', Kristofer Buffington wrote: > The opensmtpd package includes --with-pam at build time, but the > service > does not extend pam. As a result, an administrator would need to > maintain a seperate passwd or other authentication > mechanism instead of using PAM. Thanks for the patch! Looks good to me, assuming you've battle-tested the thing. I've Guixed up the commit message, but let's give Ludo' a chance to respond. > walletsworth I feel all, like, personally offended. Kind regards, T G-R --=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: inline; filename=0001-services-opensmtpd-Extend-the-PAM-service.patch Content-Transfer-Encoding: quoted-printable From=2060f3fd35ac4925e86556781ccc2620f54dccacd9 Mon Sep 17 00:00:00 2001 From: Kristofer Buffington Date: Wed, 12 Jun 2019 16:34:30 -0400 Subject: [PATCH] services: opensmtpd: Extend the PAM service. * gnu/services/mail.scm (%opensmtpd-pam-services): New variable. (opensmtpd-service-type)[extensions]: Add it, extending PAM-ROOT-SERVICE-TYPE. Signed-off-by: Tobias Geerinckx-Rice =2D-- gnu/services/mail.scm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index 0e85ada3d0..3de0b4c2f3 100644 =2D-- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -3,6 +3,7 @@ ;;; Copyright =C2=A9 2017, 2018 Cl=C3=A9ment Lassieur ;;; Copyright =C2=A9 2017 Carlo Zancanaro ;;; Copyright =C2=A9 2017 Tobias Geerinckx-Rice +;;; Copyright =C2=A9 2019 Kristofer Buffington ;;; ;;; This file is part of GNU Guix. ;;; @@ -1667,6 +1668,9 @@ accept from local for any relay (mkdir-p "/var/spool/smtpd") (chmod "/var/spool/smtpd" #o711)))))) =20 +(define %opensmtpd-pam-services + (list (unix-pam-service "smtpd"))) + (define opensmtpd-service-type (service-type (name 'opensmtpd) @@ -1675,6 +1679,8 @@ accept from local for any relay (const %opensmtpd-accounts)) (service-extension activation-service-type opensmtpd-activation) + (service-extension pam-root-service-type + (const %opensmtpd-pam-services)) (service-extension profile-service-type (compose list opensmtpd-configuration-package= )) (service-extension shepherd-root-service-type =2D-=20 2.22.0 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQT12iAyS4c9C3o4dnINsP+IT1VteQUCXQtN1gAKCRANsP+IT1Vt ebJDAP0dm1lAD1glXbBAWTifBYtvG5hNFMcqvD91QL08cZW8KgEA60GqtLyrl+W0 JJPgmyK89S8kAFR+MEPZiaWf2BzQAAI= =3oaN -----END PGP SIGNATURE----- --==-=-=--