From mboxrd@z Thu Jan 1 00:00:00 1970 From: Chris Marusich Subject: Re: [PATCH 2/2] services: Add tlsdate-service. Date: Tue, 06 Dec 2016 23:18:07 -0800 Message-ID: <87k2bctdg0.fsf@gmail.com> References: <877f7emdzn.fsf@we.make.ritual.n0.is> <20161205183101.5937-1-ng0@libertad.pw> <20161205183101.5937-3-ng0@libertad.pw> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:54433) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cEWVX-0003Ai-Nj for guix-devel@gnu.org; Wed, 07 Dec 2016 02:19:17 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cEWVT-0006eg-Va for guix-devel@gnu.org; Wed, 07 Dec 2016 02:19:15 -0500 Received: from mail-pf0-f196.google.com ([209.85.192.196]:34036) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cEWVT-0006eb-La for guix-devel@gnu.org; Wed, 07 Dec 2016 02:19:11 -0500 Received: by mail-pf0-f196.google.com with SMTP id y68so20069752pfb.1 for ; Tue, 06 Dec 2016 23:19:11 -0800 (PST) In-Reply-To: <20161205183101.5937-3-ng0@libertad.pw> (ng0@libertad.pw's message of "Mon, 5 Dec 2016 18:31:01 +0000") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: ng0 Cc: guix-devel@gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi ng0! Neat, I never knew about tlsdate until now! ng0 writes: > * gnu/services/networking.scm (): New record type. > (%tlsdate-accounts): New variables. > (tlsdate-shepherd-service): New procedure. > (tlsdate-service-type): New variable. > * doc/guix.texi (Networking Services): Document it. > --- > doc/guix.texi | 32 +++++++++++++++++ > gnu/services/networking.scm | 84 +++++++++++++++++++++++++++++++++++++++= +++++- > 2 files changed, 115 insertions(+), 1 deletion(-) > > diff --git a/doc/guix.texi b/doc/guix.texi > index 4d7f96d90..f6efd040d 100644 > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -8594,6 +8594,38 @@ make an initial adjustment of more than 1,000 seco= nds. > List of host names used as the default NTP servers. > @end defvr >=20=20 > +@cindex tlsdate > +@deffn {Scheme Procedure} tlsdate-service [#:config (tlsdate-configurati= on)] > + > +Return a service that runs @command{tlsdate}, a simple TCP based time se= rvice. > +The daemon will synchronize the system clock with a server of your > +choice via TCP at boot. When you said TCP, did you mean TLS? Are we running the daemon, or are we just running the tlsdate command once at boot? > +The optional @var{config} argument should be a > +@code{} object, by default it syncs the time with= gnu.org. > + > +@end deffn > + > +@deftp {Data Type} tlsdate-configuration > +Data type representing the configuration of tlsdate. > + > +@table @asis > +@item @code{package} (default: @var{tlsdate}) > +Package object of the tlsdate time service. > + > +@item @code{port} (default: @var{'()}) > +Set the port of the remote hostname which should be used. > + > +@item @code{host} (default: @var{"gnu.org"}) > +Set the remote hostname which will be queried. Defaults to @code{gnu.org= }. I've briefly read about tlsdate. Looks like it's a hack to sync time from a "trusted" source using TLS. Since this trust will vary by user, wouldn't it be better to leave this field to the discretion of the user? I think one could also argue that to be good Internet neighbors, we should avoid putting a default hostname in here, to avoid spamming one specific host by default with all the tlsdate traffic from this service. > +@item @code{extra-options} (default: @var{'()}) > +Extra options will be passed to @code{tlsdate}, please run > +@command{man tlsdate} for more information. > + > +@end table > +@end deftp > + > @cindex Tor > @deffn {Scheme Procedure} tor-service [@var{config-file}] [#:tor @var{to= r}] > Return a service to run the @uref{https://torproject.org, Tor} anonymous > diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm > index d672ecf68..52a899b8f 100644 > --- a/gnu/services/networking.scm > +++ b/gnu/services/networking.scm > @@ -3,6 +3,7 @@ > ;;; Copyright =C2=A9 2015 Mark H Weaver > ;;; Copyright =C2=A9 2016 Efraim Flashner > ;;; Copyright =C2=A9 2016 John Darrington > +;;; Copyright =C2=A9 2016 ng0 > ;;; > ;;; This file is part of GNU Guix. > ;;; > @@ -66,7 +67,13 @@ > wicd-service > network-manager-service > connman-service > - wpa-supplicant-service-type)) > + wpa-supplicant-service-type > + > + tlsdate-service > + tlsdate-configuration > + tlsdate-service-type > + tlsdate-configuration? > + tlsdate-configuration)) >=20=20 > ;;; Commentary: > ;;; > @@ -360,6 +367,81 @@ make an initial adjustment of more than 1,000 second= s." >=20=20 > > ;;; > +;;; tlsdate > +;;; > + > +(define-record-type* > + tlsdate-configuration make-tlsdate-configuration > + tlsdate-configuration? > + (package tlsdate-configuration-package > + (default tlsdate)) > + (host tlsdate-configuration-host > + (default "gnu.org")) > + (port tlsdate-configuration-port > + (default #f)) > + (extra-options tlsdate-configuration-extra-options > + (default '()))) > + > +(define %tlsdate-accounts > + (list (user-group (name "tlsdate") (system? #t)) > + (user-account > + (name "tlsdate") > + (group "tlsdate") > + (system? #t) > + (comment "tlsdate daemon user") Is this really a daemon? It looks like we're just invoking a command which runs once at boot, but perhaps I'm mistaken. > + (home-directory "/var/empty") > + (shell (file-append shadow "/sbin/nologin"))))) > + > +(define tlsdate-shepherd-service > + (match-lambda > + (($ > + package host port extra-options) > + (let* ((tlsdate (file-append package "/bin/tlsdate")) > + (command `(,tlsdate > + "-l" ; leap > + "-t" ; timewarp > + ,@(if host > + `(,(string-append > + "-H" " " host)) > + '()) > + ,@(if port > + `(,(string-append > + "-p" " " (number->string port))) > + '()) > + ,@extra-options))) > + (list (shepherd-service > + ;;(provision '(tlsdate)) > + (provision '(ntp)) > + ;; tlsdate needs at least one network interface to be up, = hence the > + ;; dependency on 'loopback'. > + (requirement '(user-processes loopback syslogd)) > + > + (start #~(make-forkexec-constructor '#$command Just so I'm clear here, you've written '#$command in the gexp here because when command is expanded via ungexp (#$), it will be expanded into a list, and you intend to pass that list literally to the make-forkexec-constructor procedure (at the time the gexp is run), which is why you used quote ('). Right? > + #:user "tlsdate" > + #:group "tlsdate")) > + (stop #~(make-kill-destructor)) Does this "service" actually spawn a long-running process? If not, will this destructor actually be used? If it IS used, will it send a signal to a non-existent process (or worse, a process that happens to share the same PID as the one we previously spawned)? Will Shepherd repeatedly re-spawn the "service"? I'm still learning how Shepherd services work, so if I'm missing something obvious, please let me know. > + (documentation "Run the tlsdate service."))))))) > + > +(define tlsdate-service-type > + (service-type > + (name 'tlsdate) > + (extensions > + (list (service-extension shepherd-root-service-type > + tlsdate-shepherd-service) > + (service-extension account-service-type > + (const %tlsdate-accounts)))))) > + > +(define* (tlsdate-service #:key (config (tlsdate-configuration))) > + "Return a service that runs @command{tlsdate}, a simple TCP based > +time service. When you said TCP, did you mean TLS? > +The optional @var{config} argument should be a > +@code{} object, by default it querries gnu.org > +for time once at boot." > + (service tlsdate-service-type config)) When I talked with davexunit on IRC about doing something with a side-effect once at boot, he was not in support of the idea [1], and I agree he was right about that. Maybe this tlsdate service is a little different since it's happening once at EVERY boot instead of just the very first one. However, if we're going to add a tlsdate service, wouldn't it make sense to use tlsdated instead of invoking tlsdate once? Alternatively, if using tlsdated is difficult for some reason, is it feasible to hold off on adding this service? It seems to me like you could accomplish what you need by running tlsdate ad-hoc when you need it, or perhaps by configuring your own mcron job to run it periodically (see: (guix) Scheduled Job Execution). Again, I might be missing something, so please let me know if that isn't a feasible alternative to this service you're proposing. [1] See https://gnunet.org/bot/log/guix/2016-11-30#T1216852 (excerpt follow= s): [14:29:15] davexunit, I see. Cool. Also, is there a way to do so= mething "one time at first boot" in a GuixSD system, I wonder? [14:29:44] marusich: no [14:29:52] that goes against everything GuixSD is about [14:30:08] if the only the first generation of a system did som= e side-effect [14:30:14] it would be hard to reproduce elsewhere =2D-=20 Chris --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJYR7evAAoJEN1AmhXYIkadi1kP/3+qxFTTN4T1r/tNOmP/m1Lu eXHkrbo4CeJqlQrPEA0So9Ptv3LZtiofqj2wJUdNKW5uRZjCXiOLxhmWvHruvPR7 PNrkCrPJhU4lBJ0SBIbSnVcPRv8wsanP+uYBqLyjJ5pemhfiyVu8O59UiV54Hg5k jFv3fD/PAEPR2GA/Yx8eLszPSAIs7Nqegjvc3bMQv9NzZclHM4rVklivxUdAad/c u8HLM9i/2b+lO2q8ZyNzC19dAKlGm1mW1BlCFnSXDPboqL4DGyvNF0mXaK5a2xzt ZAwT7FuCdbbDyitVeV0vEYI+aSml2weJz3uHoS+W6Wc1YqK028/sAJOzE4izV6y6 NeWenaTnQ/cBU/XTHMdy7Ic23+AhXRqdMXDJs5+bFBpvxBSX0/+3wqIM+yXS4hfG Q1Q7Z6AVfno4v2byBpBj+RH3lp5b9WbYMHzkyxS0xNJFj3Nn8qhLG4aWtuW35NYU OmfDJ8w5rNXa2vPWsDq22EHqJkGaUDBb34KuFiMeMkJHPCa/4GTruaDREYEoVcnb C3pfaY4COw2bTeUSMBUUhsXGGjhoMyYVRT9O3mdI0FtRnhEZCZ1vy4wKZWSNWhLq uEZW+WHwdFqItfLvgPixPF6859qOdn8xQlKNlHrORRZtq1pxZ59JXEB36TFkkLm3 DZj18e8lSuGe5l5TzZ7A =TZVO -----END PGP SIGNATURE----- --=-=-=--