From patchwork Fri Sep 22 12:54:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= X-Patchwork-Id: 54155 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id CD31327BBE2; Fri, 22 Sep 2023 13:56:13 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id C942C27BBE9 for ; Fri, 22 Sep 2023 13:56:08 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qjfhJ-0001O6-Um; Fri, 22 Sep 2023 08:55:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qjfhI-0001Nf-LU for guix-patches@gnu.org; Fri, 22 Sep 2023 08:55:52 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qjfhI-0008B8-DQ for guix-patches@gnu.org; Fri, 22 Sep 2023 08:55:52 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1qjfhS-0005j8-VG for guix-patches@gnu.org; Fri, 22 Sep 2023 08:56:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#66156] [PATCH 10/12] services: hurd-vm: Disable password-based authentication for root. Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 22 Sep 2023 12:56:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 66156 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 66156@debbugs.gnu.org Cc: Ludovic =?utf-8?q?Court=C3=A8s?= Received: via spool by 66156-submit@debbugs.gnu.org id=B66156.169538731321912 (code B ref 66156); Fri, 22 Sep 2023 12:56:02 +0000 Received: (at 66156) by debbugs.gnu.org; 22 Sep 2023 12:55:13 +0000 Received: from localhost ([127.0.0.1]:35593 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qjfge-0005hC-EH for submit@debbugs.gnu.org; Fri, 22 Sep 2023 08:55:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:50938) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qjfgO-0005ej-UI for 66156@debbugs.gnu.org; Fri, 22 Sep 2023 08:54:57 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qjfg8-0007oC-Vp; Fri, 22 Sep 2023 08:54:41 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=OcHqeEYET742kbyA1nLhJB1CYXuKwjrA2DAtXQyIPAs=; b=E3Y0GPepdhAPV5LLeAdr nomQFxgIAydN+VXhEyFT75pLqvIAMcCCo/u8154o6lnVIetAqCosrpag2Nnyi3oAJPrqL3DgXG9d/ GDDDXf1EfV6VU7bEBIOZF5x+ko7N2c0oqVr6YdF/8z9ESLVpZCgsZsFY0B7Nj40UchtDM3p4GMkxL HLs0KRoCrWzE8hYoJcD8oizEPb+pL43TENBqBOksyfUpqaMBckWkmGdmIwBAYHkEKLAzU+DbY2Dzk as7DikVb0EjakpmRGLHRIflv3ngTmpMNi1PEdh+YCh0FLNh9AsVirczeqG6sVBRvbkmbz1KyT6yXt 2jf74csk2n/obw==; From: Ludovic =?utf-8?q?Court=C3=A8s?= Date: Fri, 22 Sep 2023 14:54:11 +0200 Message-ID: <6e196f23d37629348018a5e63b9701998c7453e5.1695386493.git.ludo@gnu.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches With offloading to a childhurd is enabled, allowing password-less root login in the childhurd to anyone amounts to providing write access to the host’s store to anyone. Thus, disable password-based root logins in the childhurd. * gnu/services/virtualization.scm (%hurd-vm-operating-system): Change ‘permit-root-login’ to 'prohibit-password. * gnu/tests/virtualization.scm (%childhurd-os): Provide a custom ‘os’ field for ‘hurd-vm-configuration’. * doc/guix.texi (Virtualization Services): Remove mention of password-less root login. --- doc/guix.texi | 5 ----- gnu/services/virtualization.scm | 2 +- gnu/tests/virtualization.scm | 15 ++++++++++++++- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 472e2e0958..95f29a2d19 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -35718,11 +35718,6 @@ Virtualization Services The default configuration (see @code{hurd-vm-configuration} below) spawns a secure shell (SSH) server in your GNU/Hurd system, which QEMU (the virtual machine emulator) redirects to port 10222 on the host. -Thus, you can connect over SSH to the childhurd with: - -@example -ssh root@@localhost -p 10022 -@end example The childhurd is volatile and stateless: it starts with a fresh root file system every time you restart it. By default though, all the files diff --git a/gnu/services/virtualization.scm b/gnu/services/virtualization.scm index 258b503461..930c2ce702 100644 --- a/gnu/services/virtualization.scm +++ b/gnu/services/virtualization.scm @@ -1080,7 +1080,7 @@ (define %hurd-vm-operating-system (openssh-configuration (openssh openssh-sans-x) (use-pam? #f) - (permit-root-login #t) + (permit-root-login 'prohibit-password) (allow-empty-passwords? #t) (password-authentication? #t))) diff --git a/gnu/tests/virtualization.scm b/gnu/tests/virtualization.scm index 9e7928703e..599e58edf0 100644 --- a/gnu/tests/virtualization.scm +++ b/gnu/tests/virtualization.scm @@ -31,6 +31,7 @@ (define-module (gnu tests virtualization) #:use-module (gnu services) #:use-module (gnu services dbus) #:use-module (gnu services networking) + #:use-module (gnu services ssh) #:use-module (gnu services virtualization) #:use-module (gnu packages ssh) #:use-module (gnu packages virtualization) @@ -228,7 +229,19 @@ (define %test-qemu-guest-agent (define %childhurd-os (simple-operating-system (service dhcp-client-service-type) - (service hurd-vm-service-type))) + (service hurd-vm-service-type + (hurd-vm-configuration + ;; Allow root login with an empty password to simplify the test + ;; below. + (os (operating-system + (inherit %hurd-vm-operating-system) + (services + (modify-services (operating-system-user-services + %hurd-vm-operating-system) + (openssh-service-type + config => (openssh-configuration + (inherit config) + (permit-root-login #t))))))))))) (define (run-childhurd-test) (define os