From patchwork Wed Jan 20 20:01:36 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Stefan Karrmann X-Patchwork-Id: 26528 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id B7D5427BC16; Wed, 20 Jan 2021 22:14:06 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL, SPF_HELO_PASS,T_DKIM_INVALID,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 9D63E27BC15 for ; Wed, 20 Jan 2021 22:14:05 +0000 (GMT) Received: from localhost ([::1]:38658 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1l2Ljo-0000iV-Ok for patchwork@mira.cbaines.net; Wed, 20 Jan 2021 17:14:04 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:33632) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l2KKg-0000Wp-Qf for guix-patches@gnu.org; Wed, 20 Jan 2021 15:44:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:44796) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1l2KKg-0002g8-J2 for guix-patches@gnu.org; Wed, 20 Jan 2021 15:44:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1l2KKg-0001Dk-Fv for guix-patches@gnu.org; Wed, 20 Jan 2021 15:44:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#46008] [PATCH] added mdevd, umtps, nsss Resent-From: s.karrmann@web.de Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 20 Jan 2021 20:44:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 46008 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 46008@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.16111753834586 (code B ref -1); Wed, 20 Jan 2021 20:44:02 +0000 Received: (at submit) by debbugs.gnu.org; 20 Jan 2021 20:43:03 +0000 Received: from localhost ([127.0.0.1]:56339 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l2KJh-0001Ba-N1 for submit@debbugs.gnu.org; Wed, 20 Jan 2021 15:43:03 -0500 Received: from lists.gnu.org ([209.51.188.17]:33556) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l2Jfs-0000BW-BE for submit@debbugs.gnu.org; Wed, 20 Jan 2021 15:01:53 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:53972) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l2Jfq-0000kV-N2 for guix-patches@gnu.org; Wed, 20 Jan 2021 15:01:50 -0500 Received: from mout.web.de ([217.72.192.78]:37465) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l2Jfh-0005eO-5n for guix-patches@gnu.org; Wed, 20 Jan 2021 15:01:50 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=web.de; s=dbaedf251592; t=1611172896; bh=IclvVfdcxvbQwkJAvTC6FJ5T69TT8nXrm1SEHiCkNdI=; h=X-UI-Sender-Class:From:To:Subject:Date; b=rsu7Eqs1d+OGH6VswGTSAcveSIEwDIBaORTB1nxhZb50WppZQnFPHEY+Jaojtvh5h rph9qeZ9SVtSTPiqK3cu9AArT3+8j3UNBtDbPUUZRzMfl77ndmBFITfesMjfdfkIu4 4zbICin0aUAkaWq4jdVIUANikEd+Ut1W3Igz1E7Q= X-UI-Sender-Class: c548c8c5-30a9-4db5-a2e7-cb6cb037b8f9 Received: from [88.64.83.67] ([88.64.83.67]) by web-mail.web.de (3c-app-webde-bap33.server.lan [172.19.172.33]) (via HTTP); Wed, 20 Jan 2021 21:01:36 +0100 MIME-Version: 1.0 Message-ID: From: s.karrmann@web.de Date: Wed, 20 Jan 2021 21:01:36 +0100 Importance: normal Sensitivity: Normal X-Priority: 3 X-Provags-ID: V03:K1:5M35x/SitLISK0TQmySFVwqmKU97RI/JmVxgLcvtQFEa3hE/pdu0EZpt16vOeX9gpbimH UyWD4UgM78ZDUrm7D0Ku6Qtt30FXU4GgYXD4E3HS3eYa12CSf7N7fdCLrV/m6ukvp93vLKyM0UqF 1c747+G8HC0A36Tn5zR1OpVcJjYwReMMWsoM7qS+WkHKMxsWPDUtqoNSq+rU9ONb1mlGsw/RHyEI g+6hKgfz2M7OzGsU4zkHz8oOzAY8Eq2tHW69mQNCvjKKZGxzXj4+0e0vLHXBQ9FwLo6bZVhXY7K0 VE= X-UI-Out-Filterresults: notjunk:1;V03:K0:Z/ogfhwHEEw=:wgWyawpcDjOX2GeR5vezPv uEMvYJExCDvLqED2qmvdlfrPHopObu1IVELrR8si4gONvB855D+A356OHPwhpwpxbf8YAKDqU kLwkFA8pLQp7qKU3aeceiD1vafifXyPlfT4BAWEg/zGBXaDp9izvQU+9v6G2Sy6qEsfZHgZMp 1+2kZpZzNVY5ZOtb6RRBPAeUD88xSXSerh3dAZqx1avVp9uIIOtTsJnHSjU/4lnx23YsqTVkB PpkR52xL9/Tl2NjId0gnZARcsoa9KSshaO9fpunHkvvD7sl8CJ8p4uB9nRg3axF7fbNw7KHZv apuRKCb4aTGEaCYN0bUogyu9Busx5owTuR6UaSCVtzdwqR3aTF//s4Y8MqNp0z/xkJCIfs/VS kMnaNvOCOoVWkTxgxBviQeKTixowM3boSU/O+zSfIMTwEUqXU+JjxejgFK3XlSauiT1LtAgaa GpzhTy9ckuGeRookPUH2CW3J7gS8eivHKJ6YoqRzwAQVN8+c3oycqup7bh+0HixAsISe3ZYfc 8XC4XgmB2s33tQdv7W4OiELXz2ZE3oq3bim74g8Bsf5yyS2y2qAXspVYazCtA18mZemTtUVXp kmZ31SA5ZKRuk= Received-SPF: pass client-ip=217.72.192.78; envelope-from=s.karrmann@web.de; helo=mout.web.de X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Wed, 20 Jan 2021 15:43:01 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Mailman-Approved-At: Wed, 20 Jan 2021 17:13:46 -0500 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches From 1f47de4ed6a82c7e75560b67cacaff0c4d923f00 Mon Sep 17 00:00:00 2001 From: "S.Karrmann" Date: Wed, 20 Jan 2021 20:48:46 +0100 Subject: [PATCH] added mdevd, umtps, nsss --- gnu/packages/skarnet.scm | 134 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) diff --git a/gnu/packages/skarnet.scm b/gnu/packages/skarnet.scm index 51be1a30e8..8f66b5ad99 100644 --- a/gnu/packages/skarnet.scm +++ b/gnu/packages/skarnet.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2017 Z. Ren ;;; Copyright © 2018–2021 Tobias Geerinckx-Rice ;;; Copyright © 2020 Oleg Pykhalov +;;; Copyright © 2021 Dr. Stefan Karrmann ;;; ;;; This file is part of GNU Guix. ;;; @@ -368,3 +369,136 @@ all the details."))) "s6-linux-utils is a set of minimalistic Linux-specific system utilities, such as @command{mount}, @command{umount}, and @command{chroot} commands, Linux uevent listeners, a @command{devd} device hotplug daemon, and more."))) + +(define-public mdevd + (package + (name "mdevd") + (version "0.1.3.0") + (source + (origin + (method url-fetch) + (uri (string-append + "https://skarnet.org/software/mdevd/mdevd-" + version ".tar.gz")) + (sha256 + (base32 "0spvw27xxd0m6j8bl8xysmgsx18fl769smr6dsh25s2d5h3sp2dy")))) + (build-system gnu-build-system) + (inputs `(("skalibs" ,skalibs) + ("execline" ,execline))) + (arguments + '(#:configure-flags (list + (string-append "--with-lib=" + (assoc-ref %build-inputs "skalibs") + "/lib/skalibs") + (string-append "--with-sysdeps=" + (assoc-ref %build-inputs "skalibs") + "/lib/skalibs/sysdeps")) + #:tests? #f)) ; no tests exist + (home-page "https://skarnet.org/software/mdevd") + (license isc) + (synopsis "A small daemon managing kernel hotplug events, similarly to udevd") + (description + "It uses the same configuration file as mdev, which is a hotplug +manager integrated in the Busybox suite of tools. However, mdev needs +to be registered in /proc/sys/kernel/hotplug, and the kernel forks an +instance of mdev for every event; by contrast, mdevd is a daemon and +does not fork. + +The point of mdevd is to provide a drop-in replacement to mdev that +does not fork, so it can handle large influxes of events at boot time +without a performance drop. mdevd is designed to be entirely +compatible with advanced mdev usage such as mdev-like-a-boss."))) + +(define-public utmps + (package + (name "utmps") + (version "0.1.0.0") + (source + (origin + (method url-fetch) + (uri (string-append + "https://skarnet.org/software/utmps/utmps-" + version ".tar.gz")) + (sha256 + (base32 "09p0k2sgxr7jlsbrn66fzvzf9zxvpjp85y79xk10hxjglypszyml")))) + (build-system gnu-build-system) + (inputs `(("skalibs" ,skalibs) + ("s6" ,s6))) + (arguments + '(#:configure-flags (list + (string-append "--with-lib=" + (assoc-ref %build-inputs "skalibs") + "/lib/skalibs") + (string-append "--with-sysdeps=" + (assoc-ref %build-inputs "skalibs") + "/lib/skalibs/sysdeps")) + #:tests? #f)) ; no tests exist + (home-page "https://skarnet.org/software/utmps") + (license isc) + (synopsis "Implementation of the utmpx.h family of functions performing user accounting on Unix systems") + (description + "Traditionally, utmp functionality is provided by the system's libc. +However, not all libcs implement utmp: for instance the musl libc, on +Linux, does not. The main reason for it is that utmp functionality is +difficult to implement in a secure way; in particular, it is +impossible to implement without either running a daemon or allowing +arbitrary programs to tamper with user accounting. + +utmps is a secure implementation of user accounting, using a daemon as +the only authority to manage the utmp and wtmp data; programs running +utmp functions are just clients to this daemon."))) + +(define-public nsss + (package + (name "nsss") + (version "0.1.0.0") + (source + (origin + (method url-fetch) + (uri (string-append + "https://skarnet.org/software/nsss/nsss-" + version ".tar.gz")) + (sha256 + (base32 "15rxbwf16wm1la079yr2xn4bccjgd7m8dh6r7bpr6s57cj93i2mq")))) + (build-system gnu-build-system) + (inputs `(("skalibs" ,skalibs) + ("s6" ,s6))) + (arguments + '(#:configure-flags (list + (string-append "--with-lib=" + (assoc-ref %build-inputs "skalibs") + "/lib/skalibs") + (string-append "--with-sysdeps=" + (assoc-ref %build-inputs "skalibs") + "/lib/skalibs/sysdeps")) + #:tests? #f)) ; no tests exist + (home-page "https://skarnet.org/software/nsss") + (license isc) + (synopsis "subset of the pwd.h, group.h and shadow.h family of functions, performing user database access on Unix systems") + (description + "Usually, user database access via getpwnam() and similar function is +provided by the system's libc. However, not all libcs implement a +configurable backend for the user/group database. For instance the +musl libc, on Linux, only supports the standard /etc/passwd mechanism; +it also supports the nscd protocol but this is not quite enough: + +musl only connects to nscd when it cannot find an answer in its files backend +The nscd protocol does not support enumeration, so primitives +such as getpwent() cannot be implemented over nscd. + +The mechanism used by glibc, called Name Service Switch +(abbreviated to nsswitch or NSS), has its own set of issues +that makes it unsuitable in certain situations. + +nsss is a secure implementation of a \"name service switch\": +configurable user/group/shadow database access, providing +getpwnam() et al. functionality by communicating over a Unix +domain socket with a daemon; the daemon can perform lookups in +any database it chooses. + +nsss does not perform dynamic module loading, only adds a +small footprint to the application's binary, and does not add +any complex decision engine into the client's address space. +Applications can be statically linked against the nsss +library, and still benefit from configurable user database +access functions.")))