[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#54561] [PATCH v3 4/4] services: Add wsdd service.
From: |
simon |
Subject: |
[bug#54561] [PATCH v3 4/4] services: Add wsdd service. |
Date: |
Fri, 29 Jul 2022 00:22:15 +0200 |
From: Simon Streit <simon@netpanic.org>
* doc/guix.texi: Add documentation for wsdd service.
* gnu/services/samba.scm (<wsdd-configuration>): New record.
(wsdd-service-type): New variable.
(wsdd-shepherd-services): New procedure.
* gnu/tests/samba.scm: wsdd test.
---
doc/guix.texi | 69 +++++++++++++++++++++++++++
gnu/services/samba.scm | 105 ++++++++++++++++++++++++++++++++++++++++-
gnu/tests/samba.scm | 61 +++++++++++++++++++++++-
3 files changed, 233 insertions(+), 2 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 614d0a0e03..c168f063c3 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -31247,6 +31247,75 @@ Manually enable the @code{winbindd} daemon.
@end table
@end deftp
+@cindex wsdd
+@subsubheading Web Service Discovery Daemon
+
+Web Service Discovery Daemon implements
+@uref{http://docs.oasis-open.org/ws-dd/discovery/1.1/os/wsdd-discovery-1.1-spec-os.html,
+Web Services Dynamic Discovery} protocol that enables host discovery --
+similar to Avahi -- over Multicast DNS. It is a drop-in replacement for
+SMB hosts that have had SMBv1 disabled for security reasons.
+
+@defvr {Scheme Variable} wsdd-service-type
+
+Service type for the WSD host daemon. The value for
+this service type is a @code{wsdd-configuration} record. The details
+for the @code{wsdd-configuration} record type are given below.
+@end defvr
+
+@deftp{Data Type} wsdd-configuration This data type represents the
+configuration for the wsdd service.
+
+@table @asis
+
+@item @code{package} (default: @code{wsdd})
+The wsdd package to use.
+
+@item @code{ipv4only?} (default: @code{#f})
+Only listen to IPv4 addresses.
+
+@item @code{ipv6only} (default: @code{#f})
+Only listen to IPv6 addresses. Please note: Activating both options is
+not possible, since there would be no IP versions to listen to.
+
+@item @code{chroot} (default: @code{#f})
+Chroot into a separate directory to prevent access to other directories.
+This is to increase security in case there is a vulnerability in
+@command{wsdd}.
+
+@item @code{hop-limit} (default: @code{1})
+Limit to the level of hops for multicast packets. The default is
+@var{1} which should prevent packets from leaving the local network.
+
+@item @code{interface} (default: @code{'()})
+Limit to the given list of interfaces to listen to. By default wsdd
+will listen to all interfaces. Except the loopback interface is never
+used.
+
+@item @code{uuid-device} (default: @code{#f})
+The WSD protocol requires a device to have a UUID. Set this to manually
+assign the service a UUID.
+
+@item @code{domain} (default: @code{#f})
+Notify this host is a member of an Active Directory.
+
+@item @code{host-name} (default: @code{#f})
+Manually set the hostname rather than letting @command{wsdd} inherit
+this host's hostname. Only the host name part of a possible FQDN will
+be used in the default case.
+
+@item @code{preserve-case?} (default: @code{#f})
+By default @command{wsdd} will convert the hostname in workgroup to all
+uppercase. The opposite is true for hostnames in domains. Setting this
+parameter will preserve case.
+
+@item @code{workgroup} (default: @var{"WORKGROUP"})
+Change the name of the workgroup. By default @command{wsdd} reports
+this host being member of a workgroup.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm
index 2c9e52a0b0..c1f9033d63 100644
--- a/gnu/services/samba.scm
+++ b/gnu/services/samba.scm
@@ -41,7 +41,10 @@ (define-module (gnu services samba)
#:export (samba-service-type
samba-configuration
- samba-smb-conf))
+ samba-smb-conf
+
+ wsdd-service-type
+ wsdd-configuration))
(define %smb-conf
(plain-file "smb.conf" "[global]
@@ -180,3 +183,103 @@ (define samba-service-type
(service-extension profile-service-type
(compose list samba-configuration-package))))
(default-value (samba-configuration))))
+
+
+;;;
+;;; WSDD
+;;;
+
+(define-record-type* <wsdd-configuration>
+ wsdd-configuration
+ make-wsdd-configuration
+ wsdd-configuration?
+ (package wsdd-configuration-package
+ (default wsdd))
+ (ipv4only? wsdd-configuration-ipv4only?
+ (default #f))
+ (ipv6only? wsdd-configuration-ipv6only?
+ (default #f))
+ (chroot wsdd-configuration-chroot
+ (default #f))
+ (hoplimit wsdd-configuration-hoplimit
+ (default 1))
+ (interfaces wsdd-configuration-interfaces
+ (default '()))
+ (uuid-device wsdd-configuration-uuid-device
+ (default #f))
+ (domain wsdd-configuration-domain
+ (default #f))
+ (hostname wsdd-configuration-hostname
+ (default #f))
+ (preserve-case? wsdd-configuration-preserve-case?
+ (default #f))
+ (workgroup wsdd-configuration-workgroup
+ (default "WORKGROUP")))
+
+(define wsdd-accounts
+ (list
+ (user-group (name "wsdd"))
+ (user-account (name "wsdd")
+ (group "wsdd")
+ (comment "Web Service Discovery user")
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+(define wsdd-shepherd-service
+ (match-lambda
+ (($ <wsdd-configuration> package ipv4only? ipv6only? chroot hoplimit
+ interfaces uuid-device domain hostname
+ preserve-case? workgroup)
+ (list (shepherd-service
+ (documentation "Run a Web Service Discovery service")
+ (provision '(wsdd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/bin/wsdd")
+ #$@(if ipv4only?
+ #~("--ipv4only")
+ '())
+ #$@(if ipv6only?
+ #~("--ipv6only")
+ '())
+ #$@(if chroot
+ #~("--chroot" #$chroot)
+ '())
+ #$@(if hoplimit
+ #~("--hoplimit" #$(number->string hoplimit))
+ '())
+ #$@(map (lambda (interfaces)
+ (string-append "--interface="
interfaces))
+ interfaces)
+ #$@(if uuid-device
+ #~("--uuid" #$uuid-device)
+ '())
+ #$@(if domain
+ #~("--domain" #$domain)
+ '())
+ #$@(if hostname
+ #~("--hostname" #$hostname)
+ '())
+ #$@(if preserve-case?
+ #~("--preserve-case")
+ '())
+ #$@(if workgroup
+ #~("--workgroup" #$workgroup)
+ '()))
+ #:user "wsdd"
+ #:group "wsdd"
+ #:log-file "/var/log/wsdd.log"))
+ (stop #~(make-kill-destructor)))))))
+
+(define wsdd-service-type
+ (service-type
+ (name 'wsdd)
+ (description "Web Service Discovery Daemon")
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ wsdd-shepherd-service)
+ (service-extension account-service-type
+ (const wsdd-accounts))
+ (service-extension profile-service-type
+ (compose list wsdd-configuration-package))))
+ (default-value (wsdd-configuration))))
diff --git a/gnu/tests/samba.scm b/gnu/tests/samba.scm
index 27d7ea49c3..6b065cd5de 100644
--- a/gnu/tests/samba.scm
+++ b/gnu/tests/samba.scm
@@ -26,7 +26,8 @@ (define-module (gnu tests samba)
#:use-module (gnu packages samba)
#:use-module (guix gexp)
#:use-module (guix store)
- #:export (%test-samba))
+ #:export (%test-samba
+ %test-wsdd))
;;;
@@ -156,3 +157,61 @@ (define %test-samba
(name "samba")
(description "Connect to a running Samba daemon.")
(value (run-samba-test))))
+
+
+;;;
+;;; The wsdd service.
+;;;
+
+(define %wsdd-os
+ (let ((base-os (simple-operating-system
+ (service dhcp-client-service-type)
+ (service wsdd-service-type))))
+ (operating-system
+ (inherit base-os)
+ (packages (cons wsdd (operating-system-packages base-os))))))
+
+(define* (run-wsdd-test)
+ "Return a test of an OS running wsdd service."
+
+ (define vm
+ (virtual-machine
+ (operating-system (marionette-operating-system
+ %wsdd-os
+ #:imported-modules '((gnu services herd))))
+ (port-forwardings '((8135 . 135)
+ (8137 . 137)
+ (8138 . 138)
+ (8445 . 445)))))
+
+ (define test
+ (with-imported-modules '((gnu build marionette))
+ #~(begin
+ (use-modules (gnu build marionette)
+ (srfi srfi-26)
+ (srfi srfi-64))
+
+ (define marionette
+ (make-marionette '(#$vm)))
+
+ (test-runner-current (system-test-runner #$output))
+ (test-begin "wsdd")
+
+ ;; Here shall be more tests to begin with.
+
+ (test-assert "wsdd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'wsdd))
+ marionette))
+
+ (test-end))))
+
+ (gexp->derivation "samba-test" test))
+
+(define %test-wsdd
+ (system-test
+ (name "wsdd")
+ (description "Connect to a running wsdd daemon.")
+ (value (run-wsdd-test))))
--
2.37.1