From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id oBDjKg/WemLkJwAAbAwnHQ (envelope-from ) for ; Tue, 10 May 2022 23:15:59 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id 6LbvKg/WemIdKAEAauVa8A (envelope-from ) for ; Tue, 10 May 2022 23:15:59 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 2F41739F37 for ; Tue, 10 May 2022 23:15:59 +0200 (CEST) Received: from localhost ([::1]:47804 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1noXD3-0001Cl-GD for larch@yhetil.org; Tue, 10 May 2022 17:15:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:33644) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1noXCj-0001Cb-Lh for help-guix@gnu.org; Tue, 10 May 2022 17:15:37 -0400 Received: from sender4-op-o11.zoho.com ([136.143.188.11]:17153) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1noXCh-0002Kh-68 for help-guix@gnu.org; Tue, 10 May 2022 17:15:37 -0400 ARC-Seal: i=1; a=rsa-sha256; t=1652217328; cv=none; d=zohomail.com; s=zohoarc; b=eL5/9XJFi7cKtevYCRJhmkODJj1KNx4q571jUc0LJkJ2Cj8x4bwaWGwSOZ5lbipXVfxQaQLO+P/plDiFDuIDWAvFkxZ7/a/ZB1zT2NyhOxNf3mL8KCVuJW7bP8wumDG9bjp7a0KMYEHm2G1sOJmnY+kAXWm7vMDIdT3WuKKxNJo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652217328; h=Content-Type:Date:From:MIME-Version:Message-ID:Subject:To; bh=bJ3dNLW60X6tmkTYak7MlUVNYXMJyrpE8RXtQepfg+U=; b=KxxsHzJBxdg9HtdjtM5lj0aWSuHeSMehUPUdQ1/k/eQ66muYh55hzixYK7FKOfhRR3oFa1sobY66vKbYHN/G1HXIAOyvhZqU17TUFlBjJD9T43k6ggJietwqZGyQFBij+TcJThyxq+JLNQB7X7Tb+A6+t3FJymgcrcDvDi+VgjE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=beaver-labs.com; spf=pass smtp.mailfrom=edk@beaver-labs.com; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1652217328; s=zoho; d=beaver-labs.com; i=edk@beaver-labs.com; h=From:From:To:To:Subject:Subject:Date:Date:Message-ID:MIME-Version:Content-Type:Message-Id:Reply-To:Cc; bh=bJ3dNLW60X6tmkTYak7MlUVNYXMJyrpE8RXtQepfg+U=; b=Qnu8czuVImjiG8SVLTSpAXFWfP69Asl8pKaDJY3vxIW7S9Z8leEAG692PRz4fqUb sw7NC+ykGdqqBSSYOphqEtQo9F8T1HpGS6/WgtH00ZYz/6Q34BfDt00PgP+43PV/REn ys/22XzXvxkyyt/ujndAnvnmQSmj0UjXv2qNqI6Y= Received: from schwarzy (lfbn-idf3-1-202-150.w90-22.abo.wanadoo.fr [90.22.201.150]) by mx.zohomail.com with SMTPS id 1652217325535350.9274543118713; Tue, 10 May 2022 14:15:25 -0700 (PDT) User-agent: mu4e 1.6.10; emacs 27.2 From: Edouard Klein To: help-guix@gnu.org Subject: How do I extend openssh-service-type ? Date: Tue, 10 May 2022 23:07:10 +0200 Message-ID: <87tu9xum2c.fsf@rdklein.fr> MIME-Version: 1.0 Content-Type: text/plain X-ZohoMailClient: External Received-SPF: pass client-ip=136.143.188.11; envelope-from=edk@beaver-labs.com; helo=sender4-op-o11.zoho.com X-Spam_score_int: -16 X-Spam_score: -1.7 X-Spam_bar: - X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1652217359; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=bJ3dNLW60X6tmkTYak7MlUVNYXMJyrpE8RXtQepfg+U=; b=a4dERpFNuEilh6mjIxZLmToKdhoAM1BrejpCVdQiWGoJXzUREoEK5cAJeSE8GX0CFZLQMt 3OhjBA7+YO+Q7A903Gn7jhwoIzfztLDTCYuZxlWfItVI2S6c9Y0pB9cPgStODCHM/0ceF/ gmDaARwYiOwHbjfe5esVE05lvx5aIXSB4rYbkrIpymjqMHqfZibC0sp6c/cq2+pJkpKg1V M5QfNTp1KLhOG7xH6BOkIqBDqs0ovLET/uom41sdGmrIgCyGG/07285WysJE/KGGrm4Msd LyHOkdvlQoLaZUzlj4l7SPMSJrPg2vGwpW8MQwzV43KlKwkd/m9mtme/BQ3jJg== ARC-Seal: i=2; s=key1; d=yhetil.org; t=1652217359; a=rsa-sha256; cv=pass; b=B1Yh+RnjFVWIC/n0exYz/oLOZuPGY1+PkKPBE2Jimy8pSHHKHEa8irZ1s9c4vXjDzsI9L4 kDmMAfGXumK8N73dOZDVPyhOacdv9Ktl4Pxc+zxrr0+iYWJ90oIbAjqvdXxE2PQs3wOlPM 6ECbaP1bUOiG3zEqFLOnmTj15eg7+vRiWsYCwQak74IrMoTQabID3cl3v52HiqPe5MtqcO sJWLqL637rVXcgssLrGP+rhwL0DWYLbpmZwwnSNHAILREYtNhYh30XXs6gFjOoNCcokNJ4 YACQxW9xQ8A4CKCGE18qmWea0l/uQXr+naGlCc+fCmfGxEzfENriA/QpCIGn8A== ARC-Authentication-Results: i=2; aspmx1.migadu.com; dkim=none ("invalid DKIM record") header.d=beaver-labs.com header.s=zoho header.b=Qnu8czuV; arc=pass ("zohomail.com:s=zohoarc:i=1"); dmarc=none; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.31 Authentication-Results: aspmx1.migadu.com; dkim=none ("invalid DKIM record") header.d=beaver-labs.com header.s=zoho header.b=Qnu8czuV; arc=pass ("zohomail.com:s=zohoarc:i=1"); dmarc=none; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 2F41739F37 X-Spam-Score: -3.31 X-Migadu-Scanner: scn1.migadu.com X-TUID: uRM95RQGYEJC Hi ! I'm trying to make sense of: https://guix.gnu.org/manual/en/guix.html#index-openssh_002dservice_002dtype #+begin_quote This service can be extended with extra authorized keys, as in this example: (service-extension openssh-service-type (const `(("charlie" ,(local-file "charlie.pub"))))) #+end_quote My goal is to do exactly that: add a public key to a user of an operating system whose openssh-service-type is already configured elsewhere. I can do it by going to this "elsewhere" and adding the ("charlie" ,(local-file "charlie.pub")) in the authorized-keys field of the openssh-configuration, but when I try to extend the service, the key is just ignored and does not appear in /etc/ssh/authorized-keys.d/ I've tried adding a simple-service to the operating-system declaration like so: #+begin_src scheme (simple-service (format #f "ssh keys for user ~a" "toto") openssh-service-type (list `("toto" ,(local-file "toto.pub")))) #+end_src I also tried the verbose version: #+begin_src scheme (service (service-type (name 'tamereenslip) (extensions (list (service-extension openssh-service-type (const `(("toto" ,(local-file "toto.pub")))))))) #f) #+end_src I'm at my wit's end. I could not find any examples online or by grepping the source code. Has anybody ever been successful in extending the openssh-service ? If so, could I please see your code ? Thanks, Edouard.