[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#67555] [PATCH 1/2] services: kerberos.scm: Rename krb5-service-type
From: |
Felix Lechner |
Subject: |
[bug#67555] [PATCH 1/2] services: kerberos.scm: Rename krb5-service-type and krb5-configuration. |
Date: |
Thu, 30 Nov 2023 16:45:11 -0800 |
In preparation for a nearby commit that will add actual Kerberos services to
Guix, the older names were made more specific. The original names were
misleading and too generic. The krb5-service-type provided no service at all
but merely created a file at /etc/krb5.conf that is needed to associate
equipment with a Kerberos realm.
The original names further suggested that at least some of the needed servers
might be started, making it necessary to clarify otherwise in the
documentation.
Change-Id: I951c16aedcf1141d7d947f984cf89c22d3cc96ce
---
doc/guix.texi | 16 ++++++++--------
gnu/services/kerberos.scm | 19 ++++++++++++++-----
2 files changed, 22 insertions(+), 13 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 1fd2e21608..a5119d2058 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -29963,10 +29963,10 @@ Kerberos Services
@subsection Kerberos Services
@cindex Kerberos
-The @code{(gnu services kerberos)} module provides services relating to
-the authentication protocol @dfn{Kerberos}.
+@subsubheading Krb5 Association Service
-@subsubheading Krb5 Service
+The @code{(gnu services kerberos)} module provides miscellaneous
+services relating to the authentication protocol @dfn{Kerberos}.
Programs using a Kerberos client library normally
expect a configuration file in @file{/etc/krb5.conf}.
@@ -29978,15 +29978,15 @@ Kerberos Services
This service is known to work with the MIT client library, @code{mit-krb5}.
Other implementations have not been tested.
-@defvar krb5-service-type
+@defvar krb5-association-service-type
A service type for Kerberos 5 clients.
@end defvar
@noindent
Here is an example of its use:
@lisp
-(service krb5-service-type
- (krb5-configuration
+(service krb5-association-service-type
+ (krb5-association-configuration
(default-realm "EXAMPLE.COM")
(allow-weak-crypto? #t)
(realms (list
@@ -30010,7 +30010,7 @@ Kerberos Services
@item Accepts services which only support encryption types known to be weak.
@end itemize
-The @code{krb5-realm} and @code{krb5-configuration} types have many fields.
+The @code{krb5-realm} and @code{krb5-association-configuration} types have
many fields.
Only the most commonly used ones are described here.
For a full list, and more detailed explanation of each, see the MIT
@uref{https://web.mit.edu/kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html,,krb5.conf}
@@ -30035,7 +30035,7 @@ Kerberos Services
@end table
@end deftp
-@deftp {Data Type} krb5-configuration
+@deftp {Data Type} krb5-association-configuration
@table @asis
@item @code{allow-weak-crypto?} (default: @code{#f})
diff --git a/gnu/services/kerberos.scm b/gnu/services/kerberos.scm
index a6f540a9b6..ec9b6c10b5 100644
--- a/gnu/services/kerberos.scm
+++ b/gnu/services/kerberos.scm
@@ -20,6 +20,7 @@ (define-module (gnu services kerberos)
#:use-module (gnu services)
#:use-module (gnu services configuration)
#:use-module (gnu system pam)
+ #:use-module (guix deprecation)
#:use-module (guix gexp)
#:use-module (guix records)
#:use-module (srfi srfi-1)
@@ -33,6 +34,10 @@ (define-module (gnu services kerberos)
krb5-realm
krb5-realm?
+ krb5-association-configuration
+ krb5-association-configuration?
+ krb5-association-service-type
+
krb5-configuration
krb5-configuration?
krb5-service-type))
@@ -228,7 +233,7 @@ (define-configuration krb5-realm
;; For a more detailed explanation of these fields see man 5 krb5.conf
-(define-configuration krb5-configuration
+(define-configuration krb5-association-configuration
(allow-weak-crypto?
(boolean/unset unset-field)
"If true, permits access to services which only offer weak encryption.")
@@ -394,20 +399,20 @@ (define-configuration krb5-configuration
"The list of realms which clients may access."))
-(define (krb5-configuration-file config)
+(define (krb5-association-configuration-file config)
"Create a Kerberos 5 configuration file based on CONFIG"
(mixed-text-file "krb5.conf"
"[libdefaults]\n\n"
(with-output-to-string
(lambda ()
(serialize-configuration config
- krb5-configuration-fields)))))
+
krb5-association-configuration-fields)))))
(define (krb5-etc-service config)
- (list `("krb5.conf" ,(krb5-configuration-file config))))
+ (list `("krb5.conf" ,(krb5-association-configuration-file config))))
-(define krb5-service-type
+(define krb5-association-service-type
(service-type (name 'krb5)
(extensions
(list (service-extension etc-service-type
@@ -416,6 +421,10 @@ (define krb5-service-type
normally expect a configuration file in @file{/etc/krb5.conf}. This service
generates such a file. It does not cause any daemon to be started.")))
+(define-deprecated krb-configuration krb5-association-configuration)
+(define-deprecated krb-configuration? krb5-association-configuration?)
+(define-deprecated krb-service-type krb5-association-service-type)
+
(define-record-type* <pam-krb5-configuration>
--
2.41.0