GNU bug report logs - #38182
[PATCH 0/3] Add PAM Mount.

Previous Next

Package: guix-patches;

Reported by: Guillaume Le Vaillant <glv <at> posteo.net>

Date: Tue, 12 Nov 2019 18:03:01 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #20 received at 38182 <at> debbugs.gnu.org (full text, mbox):

From: Guillaume Le Vaillant <glv <at> posteo.net>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 38182 <at> debbugs.gnu.org
Subject: Re: [bug#38182] [PATCH 3/3] services: Add pam-mount.
Date: Tue, 26 Nov 2019 23:00:04 +0100

[Message part 1 (text/plain, inline)]
Ludovic Courtès skribis:

> Hi Guillaume,
>
> I’ve applied the first two patches, thanks!
>
> Guillaume Le Vaillant <glv <at> posteo.net> skribis:
>
>> * gnu/services/pam-mount.scm: New file.
>> * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
>> * doc/guix.texi (PAM Mount Service): New subsection.
>
> […]
>
>> +The @code{(gnu services pam-mount)} module provides a service allowing
>> +users to mount volumes when they log in.  It should be able to mount any
>> +volume format supported by the system.
>
> How does one specify what needs to be mounted upon log-in of a specific
> user?  I’m new to PAM-Mount and I’m left wondering.  :-)

I added an example in the manual.

>> Note that to automatically mount
>> +encrypted volumes using the password the user entered to log in, the
>> +@code{pam-mount} package must be added in the @code{packages} field of
>> +the @code{operating-system} definition.
>
> Should we instead arrange so that the ‘pam-mount’ command (or whatever
> it’s called) is automatically found, instead of asking users to add it
> to ‘packages’?

I found a way to have 'pam-mount' call directly
'/gnu/store/...-pam-mount-.../sbin/mount.crypt' when necessary. So
adding 'pam-mount' to 'packages' is not needed anymore.

>> +(define %pam-mount-default-configuration
>> +  (plain-file "pam_mount.conf.xml"
>> +              "<?xml version=\"1.0\" encoding=\"utf-8\" ?>
>> +<!DOCTYPE pam_mount SYSTEM \"pam_mount.conf.xml.dtd\">
>> +<pam_mount>
>> +<debug enable=\"0\" />
>> +<mntoptions
>> +allow=\"nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other\" />
>> +<mntoptions require=\"nosuid,nodev\" />
>> +<logout wait=\"0\" hup=\"no\" term=\"no\" kill=\"no\" />
>> +<mkmountpoint enable=\"1\" remove=\"true\" />
>> +</pam_mount>\n"))
>
> I suggest writing SXML instead and using ‘sxml->xml’, if you don’t
> mind.  :-)

Done.

>> +(define pam-mount-service-type
>> +  (service-type
>> +   (name 'pam-mount)
>> +   (extensions (list (service-extension etc-service-type
>> +                                        pam-mount-etc-service)
>> +                     (service-extension pam-root-service-type
>> +                                        pam-mount-pam-service)))
>> +   (default-value (pam-mount-configuration))))
>
> Please also add a ‘description’ field.

Done.

> Could you send an updated patch?
>
> Thanks!
>
> Ludo’.

Updated patch attached.


[0001-services-Add-pam-mount.patch (text/x-patch, attachment)]
This bug report was last modified 5 years and 182 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.