[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] openssh service
From: |
Ludovic Courtès |
Subject: |
Re: [PATCH] openssh service |
Date: |
Mon, 29 Aug 2016 17:06:21 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Hi Julien,
I just discovered this patch as I go through my backlog, which is fun
because I used sshd as an example to illustrate how GuixSD services work
just a week ago. :-)
Julien Lepiller <address@hidden> skribis:
> address@hidden {Scheme Procedure} openssh-service [#:pidfile
> "/var/run/sshd.pid"] @
#:pid-file
> + [#:port-number 22] [#:root-login "without-password"] @
> + [#:allow-empty-passwords #f] [#:password-authentication? #t] @
> + [#:pubkey-authentication? #t] [#:rsa-authentication? #t] @
> + [#:x11-forwarding? #f] [#:protocol-number "2"]
I agree with Andy’s latest comments regarding naming.
Also, make sure to consistently use question marks for Boolean options,
as in #:allow-empty-passwords?.
Last thing, I would prefer to expose and document
<openssh-configuration>, as is done for Dropbear. We should encourage
this style now, IMO.
(In commit 39012aab3333868d5ab3b39c95682f95212437e2 I enabled PAM
support in OpenSSH, though it’s off by default; maybe in a future patch
we can add #:pam-support?.)
> --- a/gnu/packages/ssh.scm
> +++ b/gnu/packages/ssh.scm
> @@ -142,7 +142,8 @@ a server that supports the SSH-2 protocol.")
> ("zlib" ,zlib)
> ("xauth" ,xauth))) ;for 'ssh -X' and 'ssh -Y'
> (arguments
> - `(#:test-target "tests"
> + `(#:configure-flags `("--sysconfdir=/etc/ssh")
> + #:test-target "tests"
I committed this part independently as
af493726ce16483bd09ed7f73028bab3294131e2. :-)
> +When @var{x11-forwarding} is true, @command{ssh} options -X and -Y will
> work."
@option{-X} and @option{-Y}.
These are all cosmetic details. If you prefer I can do it on your
behalf, just let me know; otherwise, please send an updated patch.
Thank you for your work!
Ludo’.