bug#32197: bug#30993: OpenSSH sshd killed by Shepherd 0.4.0

[Martin Castillo <castilma@uni-bremen.de>]

[-- Attachment #1.1.1: Type: text/plain, Size: 533 bytes --]

On 19.07.2018 15:15, Clément Lassieur wrote:
> [...]
> Martin, could you please test it?  (You just need to 'guix pull' and try
> again.)  Leo, if you confirm my analysis, could you please unmerge the
> bugs?
>
> Thanks,
> Clément
>

It still does not work for me.

Attached are my guix version, dmesg|grep shepherd output, config.scm and
my qemu invocation (metal).

I run that system in qemu, but it is installed directly on my harddrive.

Martin

-- 
GPG: 7FDE 7190 2F73 2C50 236E  403D CC13 48F1 E644 08EC

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.1.2: config.scm --]
[-- Type: text/x-scheme; name="config.scm", Size: 5455 bytes --]

;; This is an operating system configuration template
;; for a "desktop" setup without full-blown desktop
;; environments.
;; This is an operating system configuration template
;; for a "bare bones" setup, with no X11 display server.

;(use-modules (gnu))
(use-modules (gnu) (gnu system nss))
(use-service-modules ssh)
(use-service-modules base desktop xorg)
(use-package-modules certs linux suckless wm)
;(use-package-modules admin)

(define cyborg-quirk
"Section \"InputClass\"
	Identifier \"Saitek Cyborg R.A.T.5 Mouse\"
	MatchIsPointer \"on\"
	MatchProduct \"Saitek Cyborg R.A.T.5 Mouse\"
	MatchVendor \"Saitek|SAITEK\"
	MatchDevicePath \"/dev/input/event*\"
	Option \"ButtonMapping\" \"1 2 3 4 5 6 7 2 9 4 5 12 0 0 0\"
	Option \"ZAxisMapping\" \"10 11\"
#	Option \"AutoReleaseButtons\" \"12 13 14 15\"
EndSection
")

(define xneo
"Section \"InputClass\"
	Identifier \"keyboard-all\"
	Option \"XkbLayout\" \"neo\"
	MatchIsKeyboard \"on\"
EndSection
")

(define %my-xorg-conf
	(xorg-configuration-file #:extra-config (list cyborg-quirk xneo)))

(define %my-startx
	(xorg-start-command #:configuration-file %my-xorg-conf))

(define %my-services
       ;; My very own list of services.
       (modify-services %desktop-services
         (guix-service-type config =>
                            (guix-configuration
                             (inherit config)
			     (extra-options '("-M4"))
                             (substitute-urls (cons* "https://berlin.guixsd.org"
                                                     "https://hydra.gnu.org"
                                                     (guix-configuration-substitute-urls config)))))
         (openssh-service-type config =>
                            (openssh-configuration
                             (inherit config)
			     (x11-forwarding? (openssh-configuration-x11-forwarding? config))))
	 (slim-service-type config =>
			    (slim-configuration
			      (inherit config)
			      (startx %my-startx)
			      (default-user "mcd")))))


(operating-system
  (host-name "komputilo")
  (timezone "Europe/Berlin")
  (locale "de_DE.UTF-8")
  (hosts-file (plain-file "hosts"
"127.0.0.1 localhost komputilo
::1       localhost komputilo

192.168.178.20 pi.fritz.box pi"))

  ;; Assuming /dev/sdX is the target hard disk, and "my-root" is
  ;; the label of the target root file system.
  (bootloader (bootloader-configuration (bootloader
                                          (bootloader (inherit grub-bootloader)
                                                      (installer #~(const #t))))))
;  (bootloader (bootloader-configuration (bootloader grub-bootloader)
;					(target "/dev/sda3")
				  ;(menu-entries '((menu-entry
				;		    (label "Grub Nixos")
				;		    (multiboot "(hd0)") ; still unsupported
				;                   )))
;					))
  (file-systems (cons (file-system
                        (device (file-system-label "guix-root"))
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))

  ;; This is where user accounts are specified.  The "root"
  ;; account is implicit, and is initially created with the
  ;; empty password.
  (users (cons (user-account
                (name "mcd")
                (comment "Martin Castillo")
                (group "users")

                ;; Adding the account to the "wheel" group
                ;; makes it a sudoer.  Adding it to "audio"
                ;; and "video" allows the user to play sound
                ;; and access the webcam.
                (supplementary-groups '("wheel" ; "plugdev" ? für mtp? ist aber undefiniert
                                        "audio" "video" "netdev")) ;workmanager"))
                (home-directory "/home/mcd"))
               %base-user-accounts))

  ;; Globally-installed packages.
  ;(packages (cons tcpdump %base-packages))
  ;; Add a bunch of window managers; we can choose one at
  ;; the log-in screen with F1.
  (packages (cons* dmenu ;window managers
                   nss-certs                      ;for HTTPS access
                   kbd-neo
                   %base-packages))

  ;; Add services to the baseline: a DHCP client and
  ;; an SSH server.
  (services (cons* ;(dhcp-client-service)
;                   (gpm-service) ;mouse in vt
                   (console-keymap-service (file-append kbd-neo "/share/keymaps/neo.map"));;
                   (service openssh-service-type
                            (openssh-configuration
                              (x11-forwarding? #t)
                              (accepted-environment '("COLORTERM" "Foo"))
                              (port-number 22)))

                   (simple-service 'store-my-config etc-service-type
                                   `(("config.scm" ,(local-file (assoc-ref
                                                                  (current-source-location)
                                                                  'filename)))))
                   (xfce-desktop-service)
                   %my-services))

  ;; Use the "desktop" services, which include the X11
  ;; log-in service, networking with Wicd, and more.
  ;(services %desktop-services)

  ;; Allow resolution of '.local' host names with mDNS.
  (name-service-switch %mdns-host-lookup-nss))

[-- Attachment #1.1.3: shepherd.dmesg --]
[-- Type: text/plain, Size: 2079 bytes --]

[   11.764507] shepherd[1]: Service root has been started.
[   14.719803] shepherd[1]: starting services...
[   14.722728] shepherd[1]: Service root-file-system has been started.
[   14.725482] shepherd[1]: Service user-file-systems has been started.
[   14.729274] shepherd[1]: Service file-system-/dev/pts has been started.
[   14.732863] shepherd[1]: Service file-system-/dev/shm has been started.
[   14.736110] shepherd[1]: Service file-system-/gnu/store has been started.
[   14.750763] shepherd[1]: Service file-system-/run/systemd has been started.
[   14.757029] shepherd[1]: Service file-system-/run/user has been started.
[   14.760723] shepherd[1]: Service file-system-/sys/fs/cgroup has been started.
[   14.765708] shepherd[1]: Service file-system-/sys/fs/cgroup/elogind has been started.
[   14.776834] shepherd[1]: Service file-system-/sys/fs/cgroup/cpuset has been started.
[   14.790800] shepherd[1]: Service file-system-/sys/fs/cgroup/cpu has been started.
[   14.795139] shepherd[1]: Service file-system-/sys/fs/cgroup/cpuacct has been started.
[   14.810192] shepherd[1]: Service file-system-/sys/fs/cgroup/memory has been started.
[   14.814319] shepherd[1]: Service file-system-/sys/fs/cgroup/devices has been started.
[   14.827923] shepherd[1]: Service file-system-/sys/fs/cgroup/freezer has been started.
[   14.834046] shepherd[1]: Service file-system-/sys/fs/cgroup/blkio has been started.
[   14.838283] shepherd[1]: Service file-system-/sys/fs/cgroup/perf_event has been started.
[   14.841524] shepherd[1]: Service file-systems has been started.
[   14.966786] shepherd[1]: waiting for udevd...
[   15.627793] shepherd[1]: Service udev has been started.
[   15.679916] shepherd[1]: Service urandom-seed has been started.
[   15.684068] shepherd[1]: Service user-processes has been started.
[   15.688369] shepherd[1]: Service host-name has been started.
[   15.719811] shepherd[1]: Service user-homes could not be started.
[   16.737051] shepherd[1]: Service nscd has been started.
[   16.780356] shepherd[1]: Service guix-daemon has been started.

[-- Attachment #1.1.4: version --]
[-- Type: text/plain, Size: 292 bytes --]

guix (GNU Guix) 264967c883d32606c18b378f717c303e7490c942
Copyright (C) 2018 the Guix authors
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

[-- Attachment #1.1.5: metal --]
[-- Type: text/plain, Size: 555 bytes --]

# runs qemu as mcd but with read and write access to sda

mount |egrep -q 'sd(a|b)3'  && echo guix-root is maybe mounted. Aborting. && exit

set -v
sudo sh -c 'exec sudo -u mcd -C 6 sh -c "
  exec qemu-system-x86_64 -m 1800 -smp 2 -enable-kvm \
		-net nic,model=virtio \
		-net user,hostfwd=tcp::5560-:2222,hostfwd=tcp::5559-:22 \
		-add-fd fd=5,set=2,opaque=rdwr:$(readlink -f /dev/disk/by-id/ata-Hitachi_HDT721010SLA360_STF6L7MS20ALEK) \
		-drive file=/dev/fdset/2,index=0,media=disk" \
		5<>/dev/disk/by-id/ata-Hitachi_HDT721010SLA360_STF6L7MS20ALEK '

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]