From: Jan Nieuwenhuizen
Subject: [bug#43106] [PATCH v3 2/2] services: childhurd: Support installing secrets from the host.
To: Ludovic Courtès
Cc: 43106@debbugs.gnu.org
Date: Tue, 01 Sep 2020 15:40:38 +0200
Message-ID: <87sgc1d38p.fsf@gnu.org>
In-Reply-To: <20200829215726.3910-1-janneke@gnu.org>
References: <20200831063913.664-1-janneke@gnu.org> <20200831063913.664-3-janneke@gnu.org> <87tuwhao4r.fsf@gnu.org>
Organization: AvatarAcademy.nl
Ludovic Courtès writes:

> "Jan (janneke) Nieuwenhuizen" writes:
>
>> * gnu/system/examples/bare-hurd.tmpl (%hurd-os)[services]: Add secret-service.
>> * gnu/services/virtualization.scm (%hurd-vm-operating-system): Likewise.
>> (hurd-vm-shepherd-service): Use it to install secrets.
>> * doc/guix.texi (The Hurd in a Virtual Machine): Document it.
>
> Yay, minor issues, but overall LGTM! \o/

>> (services (cons*
>> + ;; Receive secret keys on port 1004, TCP.
>> + (service secret-service-type 1004)
>
>
> [...]
>
>> + (start
>> + (with-imported-modules
>> + (source-module-closure '((gnu build secret-service)
>> + (guix build utils)))
>> + #~(let ((spawn (make-forkexec-constructor #$vm-command)))
>> + (lambda _
>> + (let ((pid (spawn))
>> + (port #$(hurd-vm-port config %hurd-vm-secrets-port))
>> + (root #$(hurd-vm-configuration-secret-root config)))
>> + (and root (directory-exists? root)
>> + (catch #t
>> + (lambda _
>> + (secret-service-send-secrets port root))

> In any case, we should assume that the VM is always running the secret
> service server, and thus call ‘secret-service-send-secrets’
> unconditionally (‘secret-service-send-secrets’ does (find-files root),
> which returns the empty list when ROOT doesn’t exist,

Yeah, I was struggling a bit with this; the hurd-vm-service and the
childhurd must agree on the usage of secret-service.  That's why I came
up with this root-dir #f switch... but it's certainly simpler if we say
that it must always be there.  Let's see if we can get away with that!

So, I removed the root-dir checks and we always call
'secret-service-send-secrets', and changed the default from #f to

  (secret-root hurd-vm-configuration-secret-root ;string
               (default "/etc/childhurd")))

where "/etc/childhurd" does not need to exist.

> Perhaps ‘hurd-vm-service-type’ should unconditionally extend (via
> ‘service-extension’) ‘secret-service-type’, just to ensure that Hurd VMs
> always include the secret service.

Eh, hurd-vm-service lives in the host, the secret-service lives in the
client; am I missing something? ;-)

We could add a check for secret-service, possibly here

(define (hurd-vm-disk-image config)
  "Return a disk-image for the Hurd according to CONFIG."
  (let ((os (hurd-vm-configuration-os config))
        (disk-size (hurd-vm-configuration-disk-size config)))
    (system-image
     (image
      (inherit hurd-disk-image)
      (size disk-size)
      (operating-system os)))))

and/or insert it if it's missing... seems a bit over the top to me?

> I think.)

Yes, it does, but then the default cannot be #f, it must be a string.
I'm picking "/etc/childhurd" as a default that need not exist.

>> + (lambda (keys . args)
>
> Should be “key” (singular).

Oops :-)

>> + (format (current-error-port)
>> + "failed to send secrets: ~a ~s\n" key args)
>> + (kill pid)
>
> (kill (- pid)) to kill the whole process group (just in case).
>
> I’d remove the ‘format’ call and just re-throw the exception: shepherd
> should report it correctly.

Done!  Changed to unconditionally run

  (catch #t
    (lambda _
      (secret-service-send-secrets port root))
    (lambda (key . args)
      (kill (- pid) SIGTERM)
      (apply throw key args)))
  pid)))))

>> + (service (@@ (gnu services virtualization)
>> + secret-service-type) 5999))
>
> This is useful for testing but I wouldn’t commit it (in particular
> because the example would no longer work for people who’re just spawning
> the VM and not trying to feed it secrets over TCP).

Right, removed.

> That’s it, thanks a lot!

You too!

Janneke

-- 
Jan Nieuwenhuizen | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
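Review bot: in the bare-hurd.tmpl hunk the literal 1004 in `(service secret-service-type 1004)` is the only place that port number appears, while the host side computes its end from `(hurd-vm-port config %hurd-vm-secrets-port)`; as far as the quoted hunks show, nothing ties the two together, so the template comment should say that the number must match `%hurd-vm-secrets-port` (or the template should reference that variable), otherwise changing the port on one side silently breaks the hand-off.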
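The behaviour the thread settles on, as an added, constructed simulation rather than Guix's own code: the host side walks the secret root and sends every file to the VM's secret service, an absent root simply yields nothing to send (so the call can be made unconditionally), and the VM side refuses paths that would escape its install root. The record layout on the wire, the function names and the sample key file are all assumptions made for this example; the real Guix protocol is not described on this page.

```python
import socket
import tempfile
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path

def collect_secrets(root):
    """(relative-path, contents) pairs under ROOT; a missing ROOT is []."""
    base = Path(root)
    files = base.rglob("*") if base.is_dir() else []
    return sorted((str(p.relative_to(base)), p.read_bytes())
                  for p in files if p.is_file())

def send_secrets(sock, root):
    """Host side; returns the number of secrets streamed to SOCK."""
    secrets = collect_secrets(root)
    for rel, data in secrets:       # assumed record layout, not Guix's:
        name = rel.encode()         # "<name-len> <data-len>\n" + name + data
        sock.sendall(f"{len(name)} {len(data)}\n".encode() + name + data)
    sock.sendall(b"0 0\n")          # terminator
    return len(secrets)

def receive_secrets(sock, dest):
    """VM side: install under DEST, refuse escaping paths, keep files 0600."""
    stream, base, installed = sock.makefile("rb"), Path(dest).resolve(), []
    while True:
        name_len, data_len = map(int, stream.readline().split())
        if name_len == 0:
            return installed
        rel, data = stream.read(name_len).decode(), stream.read(data_len)
        target = (base / rel).resolve()
        if base not in target.parents:      # traversal guard ("../..")
            continue
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)
        target.chmod(0o600)
        installed.append(rel)

def demo(root, dest):
    host, vm = socket.socketpair()  # both ends in-process; returns (sent, installed)
    with ThreadPoolExecutor(max_workers=1) as pool:
        pending = pool.submit(receive_secrets, vm, dest)
        return send_secrets(host, root), pending.result()

def sample_layout():
    """Constructed secret root (one fake SSH host key) and an empty VM root."""
    tmp = Path(tempfile.mkdtemp())
    key = tmp / "childhurd" / "etc" / "ssh" / "ssh_host_ed25519_key"
    key.parent.mkdir(parents=True)
    key.write_bytes(b"constructed-key-material\n")
    return str(tmp / "childhurd"), str(tmp / "vm-root")
```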