Package: guix-patches;
Reported by: Simon Streit <simon <at> netpanic.org>
Date: Fri, 25 Mar 2022 08:49:01 UTC
Severity: normal
Tags: patch
Done: Lars-Dominik Braun <lars <at> 6xq.net>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 54561 in the body.
You can then email your comments to 54561 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 08:49:01 GMT) Full text and rfc822 format available.Simon Streit <simon <at> netpanic.org>:guix-patches <at> gnu.org.
(Fri, 25 Mar 2022 08:49:01 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: guix-patches <at> gnu.org Subject: [PATCH 0/4] Add service declarations for Samba Date: Fri, 25 Mar 2022 09:48:38 +0100
Hello! Please find attached several patches to add Samba and wsdd as service declaration for Guix. My Samba service declaration has been cut down in length since I am preparing a serialiser, which has not been finalised yet. But I'd rather still have these patch posted here to see it pushed eventually. Or others can test it to see if there are any other improvements that should be done and in case I've missed something. Though the service definition is rather simple for now. Kind regards Simon Streit (4): services: Add samba service. doc: Add "Samba" chapter. doc: Add documentation for WSDD service. services: Add wsdd service. doc/guix.texi | 119 ++++++++++++++++++ gnu/services/samba.scm | 280 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 399 insertions(+) create mode 100644 gnu/services/samba.scm -- 2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 09:01:01 GMT) Full text and rfc822 format available.Message #8 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Subject: [PATCH 1/4] services: Add samba service. Date: Fri, 25 Mar 2022 10:00:26 +0100
* gnu/services/samba.scm (<samba-configuration>): New record. (samba-service-type): New variable. (samba-shepherd-services): New Procedure. --- gnu/services/samba.scm | 173 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 173 insertions(+) create mode 100644 gnu/services/samba.scm diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm new file mode 100644 index 0000000000..ffbf20fdbc --- /dev/null +++ b/gnu/services/samba.scm @@ -0,0 +1,173 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu services samba) + + #:use-module (gnu packages) + #:use-module (gnu packages base) + #:use-module (gnu packages admin) + #:use-module (gnu packages samba) + + #:use-module (gnu services) + #:use-module (gnu services configuration) + #:use-module (gnu services shepherd) + #:use-module (gnu services base) + #:use-module (gnu system shadow) + + #:use-module (guix gexp) + #:use-module (guix packages) + #:use-module (guix modules) + #:use-module (guix records) + + #:use-module (ice-9 format) + #:use-module (ice-9 match) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + + #:export (samba-service-type + samba-configuration + samba-smb-conf + + wsdd-service-type + wsdd-configuration)) + +(define %smb-conf + (plain-file "smb.conf" "[global] + workgroup = WORKGROUP + server string = Samba Server + server role = standalone server + log file = /var/log/samba/log.%m + logging = file +")) + +(define-record-type* <samba-configuration> + samba-configuration + make-samba-configuration + samba-configuration? + (package samba-configuration-package + (default samba)) + (config-file samba-configuration-config-file + (default #f)) + (enable-samba? samba-configuration-enable-samba? + (default #f)) + (enable-smbd? samba-configuration-enable-smbd? + (default #t)) + (enable-nmbd? samba-configuration-enable-nmbd? + (default #t)) + (enable-winbindd? samba-configuration-enable-winbindd? + (default #t))) + +(define (samba-activation config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (with-imported-modules '((guix build utils)) + (let ((lib-directory "/var/lib/samba") + (log-directory "/var/log/samba") + (run-directory "/var/run/samba") + (smb.conf "/etc/samba/smb.conf")) + #~(begin + (use-modules (guix build utils)) + + (mkdir-p #$log-directory) + (mkdir-p #$run-directory) + (mkdir-p (string-append #$lib-directory "/private")) + (mkdir-p "/etc/samba") + (copy-file #$config-file #$smb.conf) + (system* (string-append #$package "/bin/testparm") + "--suppress-prompt" #$smb.conf)))))) + +(define (samba-samba-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run Samba") + (provision '(samba-samba)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/samba") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-nmbd-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run NMBD") + (provision '(samba-nmbd)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/nmbd") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-smbd-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run SMBD") + (provision '(samba-smbd)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/smbd") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-winbindd-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run Winnbindd for Name Service Switch") + (provision '(samba-winbindd)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/winbindd") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-shepherd-services config) + (append (if (samba-configuration-enable-samba? config) + (samba-samba-shepherd-service config) + '()) + (if (samba-configuration-enable-nmbd? config) + (samba-nmbd-shepherd-service config) + '()) + (if (samba-configuration-enable-smbd? config) + (samba-smbd-shepherd-service config) + '()) + (if (samba-configuration-enable-winbindd? config) + (samba-winbindd-shepherd-service config) + '()))) + +(define samba-service-type + (service-type + (name 'samba) + (description "Samba") + (extensions + (list (service-extension shepherd-root-service-type + samba-shepherd-services) + (service-extension activation-service-type + samba-activation))) + (default-value (samba-configuration)))) -- 2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 09:02:02 GMT) Full text and rfc822 format available.Message #11 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Subject: [PATCH 2/4] doc: Add "Samba" chapter. Date: Fri, 25 Mar 2022 10:01:50 +0100
---
doc/guix.texi | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
diff --git a/doc/guix.texi b/doc/guix.texi
index e8ef4286be..270f07d068 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -101,6 +101,7 @@ Copyright @copyright{} 2021 Andrew Tropin@*
Copyright @copyright{} 2021 Sarah Morgensen@*
Copyright @copyright{} 2021 Josselin Poiret@*
Copyright @copyright{} 2022 Remco van 't Veer@*
+Copyright @copyright{} 2022 Simon Streit@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -368,6 +369,7 @@ Services
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
+* Samba Services:: Samba services.
* Continuous Integration:: Cuirass and Laminar services.
* Power Management Services:: Extending battery life.
* Audio Services:: The MPD.
@@ -29861,6 +29863,57 @@ The verbosity level of the daemon.
@end table
@end deftp
+@node Samba Services, Continuous Integration, Network File System, Services
+@subsection Samba Services
+
+@cindex samba
+@cindex smb
+The @code{(gnu services samba)} module provides Guix service definitions
+for Samba as well as additional helper services. Currently it provides
+the following services:
+
+@subsubheading Samba
+
+Samba provides network shares for folder and printers, it can also be an
+AD DC for other samba hosts in an heterougenious network with different
+types of Computer systems.
+
+@defvar{samba-service-type}
+
+The service type to enable the samba services @code{samba}, @code{nmbd},
+@code{smbd} and @code{winbindd}. By default this service type does not
+run as an AD DC, hence @code{samba} remains disabled. It is recommended
+that Samba's package is added to the system profile to have the tool-set
+available for modifications in Samba's runtime directories.
+
+@end defvar
+
+@deftp{Data Type} samba-service-configuration
+Configuration record for the Samba suite.
+
+@table @asis
+@item @code{package} (default: @code{samba})
+The samba package to use.
+
+@item @code{config-file} (default: @code{#f})
+The config file to use. Please note: Setting this variable will disable
+all config options that come after @code{enable-winbindd?}.
+
+@item @code{enable-samba?} (default: @code{#f})
+Manually enable the @code{samba} daemon.
+
+@item @code{enable-smbd?} (default: @code{#f})
+Manually enable the @code{smbd} daemon.
+
+@item @code{enable-nmbd?} (default: @code{#f})
+Manually enable the @code{nmbd} daemon.
+
+@item @code{enable-winbindd?} (default: @code{#f})
+Manually enable the @code{winbindd} daemon.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 09:03:01 GMT) Full text and rfc822 format available.Message #14 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Subject: [PATCH 3/4] doc: Add documentation for WSDD service. Date: Thu, 24 Mar 2022 22:10:05 +0100
---
doc/guix.texi | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 66 insertions(+)
diff --git a/doc/guix.texi b/doc/guix.texi
index 270f07d068..9770856050 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -29914,6 +29914,72 @@ Manually enable the @code{winbindd} daemon.
@end table
@end deftp
+@cindex wsdd
+@subsubheading Web Service Discovery Daemon
+
+Web Service Discovery Daemon implements the WSD protocoll. It is a
+drop-in replacement for host discovery that lack support for the SMBv1
+protocol.
+
+@defvr{Scheme Variable} wsdd-service-type
+
+Service type for the Web Service Discoery host daemon. The value for
+this service type is a @code{wsdd-configuration} record. The details
+for the @code{wsdd-configuration} record type are given below.
+@end defvr
+
+@deftp{Data Type} wsdd-configuration This data type represents the
+configuration for the wsdd service.
+
+@table @asis
+
+@item @code{package} (default: @code{wsdd})
+The wsdd package to use.
+
+@item @code{ipv4only?} (default: @code{#f})
+Only listen to ipv4 addresses.
+
+@item @code{ipv6only} (default: @code{#f})
+Only listen to ipv6 addresses. Please note: Activating both options is
+not possible, since there would be no ip versions to listen to.
+
+@item @code{chroot} (default: @code{#f})
+Chroot into a sperate directory to prevent access to other directories.
+This is to increase security in case there is a vulnerability in
+@command{wsdd}.
+
+@item @code{hoplimit} (default: @code{1})
+Limit to the level of hops for multicast packets. The default is
+@var{1} which should prevent packets from leaving the local network.
+
+@item @code{interface} (default: @code{'()})
+Limit to the given list of interfaces to listen to. By default wsdd
+will listen to all interfaces. Except the loopback interface is never
+used.
+
+@item @code{uuid-device} (default: @code{#f})
+The WSD protocol requires a device to have a UUID. Set this to manually
+assign the service a UUID.
+
+@item @code{domain} (default: @code{#f})
+Notify this host is a member of an Active Directory.
+
+@item @code{hostname} (default: @code{#f})
+Manually set the hostname rather than letting @command{wsdd} inherit
+this host's hostname.
+
+@item @code{preserve-case?} (default: @code{#f})
+By default @command{wsdd} will convert the hostname in workgroup to all
+uppercase. The opposite is true for hostnames in domains. Setting this
+parameter will preserve case.
+
+@item @code{workgroup} (default: @var{"WORKGROUP"})
+Change the name of the workgroup. By default @command{wsdd} reports
+this host being member of a workgroup.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 09:04:02 GMT) Full text and rfc822 format available.Message #17 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Subject: [PATCH 4/4] services: Add wsdd service. Date: Thu, 24 Mar 2022 22:14:05 +0100
* gnu/services/samba.scm (<wsdd-configuration>): New record.
(wsdd-service-type): New variable.
(wsdd-shepherd-services): New procedure.
---
gnu/services/samba.scm | 107 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 107 insertions(+)
diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm
index ffbf20fdbc..3058ed9d47 100644
--- a/gnu/services/samba.scm
+++ b/gnu/services/samba.scm
@@ -171,3 +171,110 @@ (define samba-service-type
(service-extension activation-service-type
samba-activation)))
(default-value (samba-configuration))))
+
+
+;;;
+;;; WSDD
+;;;
+
+(define-record-type* <wsdd-configuration>
+ wsdd-configuration
+ make-wsdd-configuration
+ wsdd-configuration?
+ (package wsdd-configuration-package
+ (default wsdd))
+ (ipv4only? wsdd-configuration-ipv4only?
+ (default #f))
+ (ipv6only? wsdd-configuration-ipv6only?
+ (default #f))
+ (chroot wsdd-configuration-chroot
+ (default #f))
+ (hoplimit wsdd-configuration-hoplimit
+ (default 1))
+ (interfaces wsdd-configuration-interfaces
+ (default '()))
+ (uuid-device wsdd-configuration-uuid-device
+ (default #f))
+ (domain wsdd-configuration-domain
+ (default #f))
+ (hostname wsdd-configuration-hostname
+ (default #f))
+ (preserve-case? wsdd-configuration-preserve-case?
+ (default #f))
+ (workgroup wsdd-configuration-workgroup
+ (default "WORKGROUP")))
+
+(define wsdd-accounts
+ (list
+ (user-group (name "wsdd"))
+ (user-account (name "wsdd")
+ (group "wsdd")
+ (comment "Web Service Discovery user")
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+(define wsdd-shepherd-service
+ (match-lambda
+ (($ <wsdd-configuration> package
+ ipv4only?
+ ipv6only?
+ chroot
+ hoplimit
+ interfaces
+ uuid-device
+ domain
+ hostname
+ preserve-case?
+ workgroup
+ )
+ (list (shepherd-service
+ (documentation "Run a Web Service Discovery service")
+ (provision '(wsdd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/bin/wsdd")
+ #$@(if ipv4only?
+ #~("--ipv4only")
+ '())
+ #$@(if ipv6only?
+ #~("--ipv6only")
+ '())
+ #$@(if chroot
+ #~("--chroot" #$chroot)
+ '())
+ #$@(if hoplimit
+ #~("--hoplimit" #$(number->string hoplimit))
+ '())
+ #$@(map (lambda (interfaces)
+ (string-append "--interface=" interfaces))
+ interfaces)
+ #$@(if uuid-device
+ #~("--uuid" #$uuid-device)
+ '())
+ #$@(if domain
+ #~("--domain" #$domain)
+ '())
+ #$@(if hostname
+ #~("--hostname" #$hostname)
+ '())
+ #$@(if preserve-case?
+ #~("--preserve-case")
+ '())
+ #$@(if workgroup
+ #~("--workgroup" #$workgroup)
+ '()))
+ #:user "wsdd"
+ #:group "wsdd"
+ #:log-file "/var/log/wsdd.log"))
+ (stop #~(make-kill-destructor)))))))
+
+(define wsdd-service-type
+ (service-type
+ (name 'wsdd)
+ (description "Web Service Discovery Daemon")
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ wsdd-shepherd-service)
+ (service-extension account-service-type
+ (const wsdd-accounts))))
+ (default-value (wsdd-configuration))))
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 09:17:02 GMT) Full text and rfc822 format available.Message #20 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Subject: Re: [PATCH 4/4] services: Add wsdd service. Date: Fri, 25 Mar 2022 10:16:45 +0100
Oh, I just realised I forgot to add a patch for wsdd's package.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 12:03:01 GMT) Full text and rfc822 format available.Message #23 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Subject: Re: [bug#54561] [PATCH 4/4] services: Add wsdd service. Date: Fri, 25 Mar 2022 13:02:42 +0100
Done. Patch can be found here: https://issues.guix.gnu.org/54563
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 25 Mar 2022 15:15:02 GMT) Full text and rfc822 format available.Message #26 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH] gnu: samba: Modify input list. Date: Fri, 25 Mar 2022 16:14:13 +0100
I'd like to propose to have avahi added to the input list in samba. With it
Unix based clients will find Samba hosts in local networks. SMBv1 host
discovery in Samba has been disabled. Hence this modification.
* gnu/packages/samba.scm (samba) <inputs>: Add avahi.
---
gnu/packages/samba.scm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index 21a5fe8617..63d7245efe 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -254,7 +254,8 @@ (define-public samba
python
popt
readline
- tdb))
+ tdb
+ avahi))
(propagated-inputs
;; In Requires or Requires.private of pkg-config files.
(list ldb talloc tevent))
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 01:08:01 GMT) Full text and rfc822 format available.Message #29 received at submit <at> debbugs.gnu.org (full text, mbox):
From: fesoj000 <fesoj000 <at> gmail.com> To: guix-patches <at> gnu.org Subject: Re: [bug#54561] [PATCH 1/4] services: Add samba service. Date: Sun, 27 Mar 2022 03:07:33 +0200
I have a local service definition for samba i wanted to upstream at some point. Your service looks better then mine though. > +(define (samba-activation config) > + (let ((package (samba-configuration-package config)) > + (config-file (samba-configuration-config-file config))) > + (with-imported-modules '((guix build utils)) > + (let ((lib-directory "/var/lib/samba") > + (log-directory "/var/log/samba") > + (run-directory "/var/run/samba") > + (smb.conf "/etc/samba/smb.conf")) > + #~(begin > + (use-modules (guix build utils)) > + > + (mkdir-p #$log-directory) > + (mkdir-p #$run-directory) > + (mkdir-p (string-append #$lib-directory "/private")) > + (mkdir-p "/etc/samba") > + (copy-file #$config-file #$smb.conf) > + (system* (string-append #$package "/bin/testparm") > + "--suppress-prompt" #$smb.conf)))))) Is it a good idea to create all those directories with the default umask? I always wanted to investigate which of those directories contains sensitive data. I never got around to. Another thing i wanted to investigate: can samba and friends be run as non-root users? I think it would be a good idea to do that if possible. fyi: I currently use samba as an AD DC.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 01:08:02 GMT) Full text and rfc822 format available.Message #32 received at submit <at> debbugs.gnu.org (full text, mbox):
From: fesoj000 <fesoj000 <at> gmail.com> To: guix-patches <at> gnu.org Subject: Re: [bug#54561] [PATCH 2/4] doc: Add "Samba" chapter. Date: Sun, 27 Mar 2022 03:07:37 +0200
> +@defvar{samba-service-type}
> +
> +The service type to enable the samba services @code{samba}, @code{nmbd},
> +@code{smbd} and @code{winbindd}. By default this service type does not
> +run as an AD DC, hence @code{samba} remains disabled. It is recommended
> +that Samba's package is added to the system profile to have the tool-set
> +available for modifications in Samba's runtime directories.
Maybe it is a good idea to provide the samba tool-set by default. You could
add the following to your samba-service-type:
(service-extension profile-service-type
(compose list samba-configuration-samba))
Some of the samba tools are broken though. I send a patch some time ago
which tries to address this issue. Maybe you want to take a look?
https://issues.guix.gnu.org/issue/54266
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 14:14:02 GMT) Full text and rfc822 format available.Message #35 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Maxime Devos <maximedevos <at> telenet.be> To: fesoj000 <fesoj000 <at> gmail.com>, 54561 <at> debbugs.gnu.org Subject: Re: [bug#54561] [PATCH 1/4] services: Add samba service. Date: Sun, 27 Mar 2022 16:13:46 +0200
[Message part 1 (text/plain, inline)]
fesoj000 schreef op zo 27-03-2022 om 03:07 [+0200]: > > +(define (samba-activation config) > > + (let ((package (samba-configuration-package config)) > > + (config-file (samba-configuration-config-file config))) > > + (with-imported-modules '((guix build utils)) > > + (let ((lib-directory "/var/lib/samba") > > + (log-directory "/var/log/samba") > > + (run-directory "/var/run/samba") > > + (smb.conf "/etc/samba/smb.conf")) Is it necessary to put the configuration file there? Can be we do something like (system* "/.../testparm" #$smb.conf), where smb.conf is the generated configuration file? > > + #~(begin > > + (use-modules (guix build utils)) > > + > > + (mkdir-p #$log-directory) > > + (mkdir-p #$run-directory) > > + (mkdir-p (string-append #$lib-directory "/private")) > > + (mkdir-p "/etc/samba") > > + (copy-file #$config-file #$smb.conf) > > + (system* (string-append #$package "/bin/testparm") > > + "--suppress-prompt" #$smb.conf)))))) > Is it a good idea to create all those directories with the default > umask? I always wanted to investigate which of those directories > contains sensitive data. I never got around to. FWIW, you can use 'mkdir-p/perms' to set the permission bits. The (string-append ...) can be simplified to: (system* #$(file-append package "/bin/testparm" "--suppres-prompt #$smb.conf). Also, would it be a good idea to use (invoke ...) instead of system, to make sure errors are detected? What is the 'suppress-prompt' for? Greetings, Maxime.
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 14:16:01 GMT) Full text and rfc822 format available.Message #38 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Maxime Devos <maximedevos <at> telenet.be> To: Simon Streit <simon <at> netpanic.org>, 54561 <at> debbugs.gnu.org Subject: Re: [bug#54561] [PATCH 2/4] doc: Add "Samba" chapter. Date: Sun, 27 Mar 2022 16:15:25 +0200
[Message part 1 (text/plain, inline)]
Simon Streit schreef op vr 25-03-2022 om 10:01 [+0100]:
> +@item @code{config-file} (default: @code{#f})
> +The config file to use. Please note: Setting this variable will disable
> +all config options that come after @code{enable-winbindd?}.
[...]
> +@item @code{enable-winbindd?} (default: @code{#f})
> +Manually enable the @code{winbindd} daemon.
> +
> +@end table
> +@end deftp
I don't see any configuration option after enable-winbindd?. Also,
what does ‘manually enable’ mean here? How can I determine if this
needs to be done? Can it be done automatically instead of manually?
Greetings,
Maxime.
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 18:33:02 GMT) Full text and rfc822 format available.Message #41 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: Maxime Devos <maximedevos <at> telenet.be> Cc: 54561 <at> debbugs.gnu.org, fesoj000 <fesoj000 <at> gmail.com> Subject: Re: [bug#54561] [PATCH 1/4] services: Add samba service. Date: Sun, 27 Mar 2022 20:32:16 +0200
Maxime Devos <maximedevos <at> telenet.be> writes: > fesoj000 schreef op zo 27-03-2022 om 03:07 [+0200]: >> > +(define (samba-activation config) >> > + (let ((package (samba-configuration-package config)) >> > + (config-file (samba-configuration-config-file config))) >> > + (with-imported-modules '((guix build utils)) >> > + (let ((lib-directory "/var/lib/samba") >> > + (log-directory "/var/log/samba") >> > + (run-directory "/var/run/samba") >> > + (smb.conf "/etc/samba/smb.conf")) > > Is it necessary to put the configuration file there? > Can be we do something like (system* "/.../testparm" #$smb.conf), where > smb.conf is the generated configuration file? No, not really. The Samba suit has a lot of tools that may want to look into the default config directory. It seems that any relevant configuration belonging to Samba lands in smb.conf, that is looked into anytime when needed. That is my impression, and thus placed it there. >> Is it a good idea to create all those directories with the default >> umask? I always wanted to investigate which of those directories >> contains sensitive data. I never got around to. I'm not so sure myself. That was the end result of what had to be created to have the service successfully initiate itself. True that I have not investigated this myself yet. While writing this service I was comparing the directory structure with Debian and Arch Linux, to be sure that it would work. > > FWIW, you can use 'mkdir-p/perms' to set the permission bits. > The (string-append ...) can be simplified to: > > (system* #$(file-append package "/bin/testparm" "--suppres-prompt > #$smb.conf). > > Also, would it be a good idea to use (invoke ...) instead of system, to > make sure errors are detected? What is the 'suppress-prompt' for? My understanding now would be better to write invoke. Thanks for pointing this out.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 18:49:02 GMT) Full text and rfc822 format available.Message #44 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: fesoj000 <fesoj000 <at> gmail.com> Cc: 54561 <at> debbugs.gnu.org Subject: Re: [bug#54561] [PATCH 1/4] services: Add samba service. Date: Sun, 27 Mar 2022 20:48:41 +0200
fesoj000 <fesoj000 <at> gmail.com> writes: > I have a local service definition for samba i wanted to upstream > at some point. Your service looks better then mine though. Thanks. It still counts as my first try writing a service. > fyi: I currently use samba as an AD DC. Impressive! It might be quite interesting to see how you managed to set up an AD DC. I stopped after certain tools began to crash. I tried to solve them here [1]. I just noticed that you had pushed some patches some time ago too [2]. They're both addressing the same issues. In this case your patches are looking better than mine. That means these tools are working for you now? [1] https://issues.guix.gnu.org/52976 [2] https://issues.guix.gnu.org/54266
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 18:52:01 GMT) Full text and rfc822 format available.Message #47 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: Maxime Devos <maximedevos <at> telenet.be> Cc: 54561 <at> debbugs.gnu.org Subject: Re: [bug#54561] [PATCH 2/4] doc: Add "Samba" chapter. Date: Sun, 27 Mar 2022 20:51:44 +0200
Maxime Devos <maximedevos <at> telenet.be> writes:
> Simon Streit schreef op vr 25-03-2022 om 10:01 [+0100]:
>> +@item @code{config-file} (default: @code{#f})
>> +The config file to use. Please note: Setting this variable will disable
>> +all config options that come after @code{enable-winbindd?}.
>
> [...]
>
>> +@item @code{enable-winbindd?} (default: @code{#f})
>> +Manually enable the @code{winbindd} daemon.
>> +
>> +@end table
>> +@end deftp
>
> I don't see any configuration option after enable-winbindd?. Also,
> what does ‘manually enable’ mean here? How can I determine if this
> needs to be done? Can it be done automatically instead of manually?
Oh, it looks like I was to quick at trimming my service definition
here. There where config options that where removed, and had simply
removed the entries in the documentation too without rephrasing the
manual properly. I should modify that patch then.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 18:59:02 GMT) Full text and rfc822 format available.Message #50 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: fesoj000 <fesoj000 <at> gmail.com> To: Simon Streit <simon <at> netpanic.org> Cc: 54561 <at> debbugs.gnu.org Subject: Re: [bug#54561] [PATCH 1/4] services: Add samba service. Date: Sun, 27 Mar 2022 20:58:30 +0200
On 3/27/22 8:48 PM, Simon Streit wrote: > fesoj000 <fesoj000 <at> gmail.com> writes: > >> I have a local service definition for samba i wanted to upstream >> at some point. Your service looks better then mine though. > > Thanks. It still counts as my first try writing a service. > >> fyi: I currently use samba as an AD DC. > > Impressive! It might be quite interesting to see how you managed to set > up an AD DC. I stopped after certain tools began to crash. I tried to > solve them here [1]. I just noticed that you had pushed some patches > some time ago too [2]. They're both addressing the same issues. In > this case your patches are looking better than mine. > > That means these tools are working for you now? > > [1] https://issues.guix.gnu.org/52976 > [2] https://issues.guix.gnu.org/54266 I mostly followed the step by step guide in the samba wiki [0]. I use this AD DC mostly for testing and developing (kerberos, ldap). While following the step by step guide i found that samba-tool and friends are not working, so i tried to fix them, and yes, they do work for me currently using my patch. My main motivation for running samba as AD DC is that i want to port sssd to guix. Currently i have a hack for glibc which solves the libnss module lookup issue. But all this needs more polish and time.... [0] https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 19:23:02 GMT) Full text and rfc822 format available.Message #53 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: fesoj000 <fesoj000 <at> gmail.com> To: 54561 <at> debbugs.gnu.org Subject: [PATCH] gnu: libdaemon: fix build for riscv64 Date: Sun, 27 Mar 2022 21:22:39 +0200
* gnu/packages/libdaemon.scm: (native-inputs): Add check for riscv64 to
include config
* gnu/packages/libdaemon.scm: (arguments): Add check for riscv64 to add
update-config.sub build step
---
gnu/packages/libdaemon.scm | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/libdaemon.scm b/gnu/packages/libdaemon.scm
index 9dc851e823..e91b651e5a 100644
--- a/gnu/packages/libdaemon.scm
+++ b/gnu/packages/libdaemon.scm
@@ -49,7 +49,8 @@ (define-public libdaemon
(file-name (string-append name "-" version ".tar.gz"))))
(build-system gnu-build-system)
(native-inputs
- (if (and=> (%current-target-system) target-aarch64?)
+ (if (or (target-aarch64?)
+ (target-riscv64?))
`(("config" ,config)) ; for config.sub
'()))
(arguments
@@ -66,7 +67,8 @@ (define-public libdaemon
;; Hurd's console client.
"--localstatedir=/var"))
'())
- ,@(if (and=> (%current-target-system) target-aarch64?)
+ ,@(if (or (target-aarch64?)
+ (target-riscv64?))
`(#:phases
(modify-phases %standard-phases
(add-before 'configure 'update-config.sub
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 27 Mar 2022 19:24:01 GMT) Full text and rfc822 format available.Message #56 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: fesoj000 <fesoj000 <at> gmail.com> To: 54561 <at> debbugs.gnu.org Subject: Re: [PATCH] gnu: libdaemon: fix build for riscv64 Date: Sun, 27 Mar 2022 21:23:27 +0200
please ignore this email, send to the wrong issue number.
On 3/27/22 9:22 PM, fesoj000 wrote:
> * gnu/packages/libdaemon.scm: (native-inputs): Add check for riscv64 to
> include config
> * gnu/packages/libdaemon.scm: (arguments): Add check for riscv64 to add
> update-config.sub build step
> ---
> gnu/packages/libdaemon.scm | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/gnu/packages/libdaemon.scm b/gnu/packages/libdaemon.scm
> index 9dc851e823..e91b651e5a 100644
> --- a/gnu/packages/libdaemon.scm
> +++ b/gnu/packages/libdaemon.scm
> @@ -49,7 +49,8 @@ (define-public libdaemon
> (file-name (string-append name "-" version ".tar.gz"))))
> (build-system gnu-build-system)
> (native-inputs
> - (if (and=> (%current-target-system) target-aarch64?)
> + (if (or (target-aarch64?)
> + (target-riscv64?))
> `(("config" ,config)) ; for config.sub
> '()))
> (arguments
> @@ -66,7 +67,8 @@ (define-public libdaemon
> ;; Hurd's console client.
> "--localstatedir=/var"))
> '())
> - ,@(if (and=> (%current-target-system) target-aarch64?)
> + ,@(if (or (target-aarch64?)
> + (target-riscv64?))
> `(#:phases
> (modify-phases %standard-phases
> (add-before 'configure 'update-config.sub
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 18:23:02 GMT) Full text and rfc822 format available.Message #59 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: v2 [PATCH 0/5] Add service declarations for Samba Date: Fri, 8 Apr 2022 20:21:26 +0200
Please find attached an updated patch series.
I've made slight changes as follows:
* The reference to further config options in the manual have been removed.
* Samba's (samba-activation config) procedure has been slightly modified,
* better cleaned up, regarding the mkdirs. I've done more testing and it
* appears that samba will only run when /var/{lib,log,run}/samba exist,
including /var/lib/samba/private. In this case it is chmod now to o700 to
be on the save side. Debian's directory structure is world readable though.
In Arch it is o700. If anyone objects, please make it world readable. It
appears that Samba lives and breathes in these directories, so they better
be put there.
* Regarding smb.conf -- while this service technically doesn't need it placed
at /etc/samba -- is convenient to have it placed there for other tools part
of the Samba family to read it, and so that others can quickly look into its
configuration. I'll leave this for further debate whether it can stay there
or not.
* The packages samba and wsdd are included in profile-service-type so that they
are generally available in the system profile.
I hope I didn't miss anything out.
Simon Streit (5):
services: Add samba service.
doc: Add "Samba" chapter.
doc: Add documentation for WSDD service.
services: Add wsdd service.
gnu: Add wsdd.
doc/guix.texi | 118 ++++++++++++++++++
gnu/packages/samba.scm | 26 ++++
gnu/services/samba.scm | 277 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 421 insertions(+)
create mode 100644 gnu/services/samba.scm
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 18:23:02 GMT) Full text and rfc822 format available.Message #62 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: v2 [PATCH 1/5] services: Add samba service. Date: Fri, 8 Apr 2022 20:21:27 +0200
* gnu/services/samba.scm (<samba-configuration>): New record. (samba-service-type): New variable. (samba-shepherd-services): New Procedure. --- gnu/services/samba.scm | 177 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 177 insertions(+) create mode 100644 gnu/services/samba.scm diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm new file mode 100644 index 0000000000..70b07f93fb --- /dev/null +++ b/gnu/services/samba.scm @@ -0,0 +1,177 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (gnu services samba) + + #:use-module (gnu packages) + #:use-module (gnu packages base) + #:use-module (gnu packages admin) + #:use-module (gnu packages samba) + + #:use-module (gnu services) + #:use-module (gnu services configuration) + #:use-module (gnu services shepherd) + #:use-module (gnu services base) + #:use-module (gnu system shadow) + + #:use-module (guix gexp) + #:use-module (guix packages) + #:use-module (guix modules) + #:use-module (guix records) + + #:use-module (ice-9 format) + #:use-module (ice-9 match) + #:use-module (ice-9 textual-ports) + #:use-module (srfi srfi-1) + + #:export (samba-service-type + samba-configuration + samba-smb-conf + + wsdd-service-type + wsdd-configuration)) + +(define %smb-conf + (plain-file "smb.conf" "[global] + workgroup = WORKGROUP + server string = Samba Server + server role = standalone server + log file = /var/log/samba/log.%m + logging = file +")) + +(define-record-type* <samba-configuration> + samba-configuration + make-samba-configuration + samba-configuration? + (package samba-configuration-package + (default samba)) + (config-file samba-configuration-config-file + (default #f)) + (enable-samba? samba-configuration-enable-samba? + (default #f)) + (enable-smbd? samba-configuration-enable-smbd? + (default #t)) + (enable-nmbd? samba-configuration-enable-nmbd? + (default #t)) + (enable-winbindd? samba-configuration-enable-winbindd? + (default #t))) + +(define (samba-activation config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (with-imported-modules '((guix build utils)) + (let ((lib-dir "/var/lib/samba") + (log-dir "/var/log/samba") + (run-dir "/var/run/samba") + (etc-dir "/etc/samba") + (smb.conf "/etc/samba/smb.conf")) + #~(begin + (use-modules (guix build utils)) + (mkdir-p #$etc-dir) + (mkdir-p #$lib-dir) + (mkdir-p/perms (string-append #$lib-dir "/private") + (getpwnam "root") #o700) + (mkdir-p #$log-dir) + (mkdir-p #$run-dir) + (copy-file #$config-file #$smb.conf) + (invoke #$(file-append package "/bin/testparm") + "--suppress-prompt" #$smb.conf)))))) + +(define (samba-samba-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run Samba") + (provision '(samba-samba)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/samba") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-nmbd-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run NMBD") + (provision '(samba-nmbd)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/nmbd") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-smbd-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run SMBD") + (provision '(samba-smbd)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/smbd") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-winbindd-shepherd-service config) + (let ((package (samba-configuration-package config)) + (config-file (samba-configuration-config-file config))) + (list (shepherd-service + (documentation "Run Winnbindd for Name Service Switch") + (provision '(samba-winbindd)) + (requirement '(networking)) + (start #~(make-forkexec-constructor + (list #$(file-append package "/sbin/winbindd") + (string-append "--configfile=" #$config-file) + "--foreground" + "--no-process-group"))) + (stop #~(make-kill-destructor)))))) + +(define (samba-shepherd-services config) + (append (if (samba-configuration-enable-samba? config) + (samba-samba-shepherd-service config) + '()) + (if (samba-configuration-enable-nmbd? config) + (samba-nmbd-shepherd-service config) + '()) + (if (samba-configuration-enable-smbd? config) + (samba-smbd-shepherd-service config) + '()) + (if (samba-configuration-enable-winbindd? config) + (samba-winbindd-shepherd-service config) + '()))) + +(define samba-service-type + (service-type + (name 'samba) + (description "Samba") + (extensions + (list (service-extension shepherd-root-service-type + samba-shepherd-services) + (service-extension activation-service-type + samba-activation) + (service-extension profile-service-type + (compose list samba-configuration-package)))) + (default-value (samba-configuration)))) -- 2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 18:23:03 GMT) Full text and rfc822 format available.Message #65 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: v2 [PATCH 2/5] doc: Add "Samba" chapter. Date: Fri, 8 Apr 2022 20:21:28 +0200
---
doc/guix.texi | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 52 insertions(+)
diff --git a/doc/guix.texi b/doc/guix.texi
index e8ef4286be..70f78c601a 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -101,6 +101,7 @@ Copyright @copyright{} 2021 Andrew Tropin@*
Copyright @copyright{} 2021 Sarah Morgensen@*
Copyright @copyright{} 2021 Josselin Poiret@*
Copyright @copyright{} 2022 Remco van 't Veer@*
+Copyright @copyright{} 2022 Simon Streit@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -368,6 +369,7 @@ Services
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
+* Samba Services:: Samba services.
* Continuous Integration:: Cuirass and Laminar services.
* Power Management Services:: Extending battery life.
* Audio Services:: The MPD.
@@ -29861,6 +29863,56 @@ The verbosity level of the daemon.
@end table
@end deftp
+@node Samba Services, Continuous Integration, Network File System, Services
+@subsection Samba Services
+
+@cindex samba
+@cindex smb
+The @code{(gnu services samba)} module provides Guix service definitions
+for Samba as well as additional helper services. Currently it provides
+the following services:
+
+@subsubheading Samba
+
+Samba provides network shares for folder and printers, it can also be an
+AD DC for other samba hosts in an heterougenious network with different
+types of Computer systems.
+
+@defvar{samba-service-type}
+
+The service type to enable the samba services @code{samba}, @code{nmbd},
+@code{smbd} and @code{winbindd}. By default this service type does not
+run as an AD DC, hence @code{samba} remains disabled. It is recommended
+that Samba's package is added to the system profile to have the tool-set
+available for modifications in Samba's runtime directories.
+
+@end defvar
+
+@deftp{Data Type} samba-service-configuration
+Configuration record for the Samba suite.
+
+@table @asis
+@item @code{package} (default: @code{samba})
+The samba package to use.
+
+@item @code{config-file} (default: @code{#f})
+The config file to use.
+
+@item @code{enable-samba?} (default: @code{#f})
+Manually enable the @code{samba} daemon.
+
+@item @code{enable-smbd?} (default: @code{#f})
+Manually enable the @code{smbd} daemon.
+
+@item @code{enable-nmbd?} (default: @code{#f})
+Manually enable the @code{nmbd} daemon.
+
+@item @code{enable-winbindd?} (default: @code{#f})
+Manually enable the @code{winbindd} daemon.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 18:23:03 GMT) Full text and rfc822 format available.Message #68 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: v2 [PATCH 3/5] doc: Add documentation for WSDD service. Date: Fri, 8 Apr 2022 20:21:29 +0200
---
doc/guix.texi | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 66 insertions(+)
diff --git a/doc/guix.texi b/doc/guix.texi
index 70f78c601a..fa3c7d8b51 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -29913,6 +29913,72 @@ Manually enable the @code{winbindd} daemon.
@end table
@end deftp
+@cindex wsdd
+@subsubheading Web Service Discovery Daemon
+
+Web Service Discovery Daemon implements the WSD protocoll. It is a
+drop-in replacement for host discovery that lack support for the SMBv1
+protocol.
+
+@defvr{Scheme Variable} wsdd-service-type
+
+Service type for the Web Service Discoery host daemon. The value for
+this service type is a @code{wsdd-configuration} record. The details
+for the @code{wsdd-configuration} record type are given below.
+@end defvr
+
+@deftp{Data Type} wsdd-configuration This data type represents the
+configuration for the wsdd service.
+
+@table @asis
+
+@item @code{package} (default: @code{wsdd})
+The wsdd package to use.
+
+@item @code{ipv4only?} (default: @code{#f})
+Only listen to ipv4 addresses.
+
+@item @code{ipv6only} (default: @code{#f})
+Only listen to ipv6 addresses. Please note: Activating both options is
+not possible, since there would be no ip versions to listen to.
+
+@item @code{chroot} (default: @code{#f})
+Chroot into a sperate directory to prevent access to other directories.
+This is to increase security in case there is a vulnerability in
+@command{wsdd}.
+
+@item @code{hoplimit} (default: @code{1})
+Limit to the level of hops for multicast packets. The default is
+@var{1} which should prevent packets from leaving the local network.
+
+@item @code{interface} (default: @code{'()})
+Limit to the given list of interfaces to listen to. By default wsdd
+will listen to all interfaces. Except the loopback interface is never
+used.
+
+@item @code{uuid-device} (default: @code{#f})
+The WSD protocol requires a device to have a UUID. Set this to manually
+assign the service a UUID.
+
+@item @code{domain} (default: @code{#f})
+Notify this host is a member of an Active Directory.
+
+@item @code{hostname} (default: @code{#f})
+Manually set the hostname rather than letting @command{wsdd} inherit
+this host's hostname.
+
+@item @code{preserve-case?} (default: @code{#f})
+By default @command{wsdd} will convert the hostname in workgroup to all
+uppercase. The opposite is true for hostnames in domains. Setting this
+parameter will preserve case.
+
+@item @code{workgroup} (default: @var{"WORKGROUP"})
+Change the name of the workgroup. By default @command{wsdd} reports
+this host being member of a workgroup.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 18:23:03 GMT) Full text and rfc822 format available.Message #71 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: v2 [PATCH 4/5] services: Add wsdd service. Date: Fri, 8 Apr 2022 20:21:30 +0200
* gnu/services/samba.scm (<wsdd-configuration>): New record.
(wsdd-service-type): New variable.
(wsdd-shepherd-services): New procedure.
---
gnu/services/samba.scm | 100 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 100 insertions(+)
diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm
index 70b07f93fb..d15d916363 100644
--- a/gnu/services/samba.scm
+++ b/gnu/services/samba.scm
@@ -175,3 +175,103 @@ (define samba-service-type
(service-extension profile-service-type
(compose list samba-configuration-package))))
(default-value (samba-configuration))))
+
+
+;;;
+;;; WSDD
+;;;
+
+(define-record-type* <wsdd-configuration>
+ wsdd-configuration
+ make-wsdd-configuration
+ wsdd-configuration?
+ (package wsdd-configuration-package
+ (default wsdd))
+ (ipv4only? wsdd-configuration-ipv4only?
+ (default #f))
+ (ipv6only? wsdd-configuration-ipv6only?
+ (default #f))
+ (chroot wsdd-configuration-chroot
+ (default #f))
+ (hoplimit wsdd-configuration-hoplimit
+ (default 1))
+ (interfaces wsdd-configuration-interfaces
+ (default '()))
+ (uuid-device wsdd-configuration-uuid-device
+ (default #f))
+ (domain wsdd-configuration-domain
+ (default #f))
+ (hostname wsdd-configuration-hostname
+ (default #f))
+ (preserve-case? wsdd-configuration-preserve-case?
+ (default #f))
+ (workgroup wsdd-configuration-workgroup
+ (default "WORKGROUP")))
+
+(define wsdd-accounts
+ (list
+ (user-group (name "wsdd"))
+ (user-account (name "wsdd")
+ (group "wsdd")
+ (comment "Web Service Discovery user")
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+(define wsdd-shepherd-service
+ (match-lambda
+ (($ <wsdd-configuration> package ipv4only? ipv6only? chroot hoplimit
+ interfaces uuid-device domain hostname
+ preserve-case? workgroup)
+ (list (shepherd-service
+ (documentation "Run a Web Service Discovery service")
+ (provision '(wsdd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/bin/wsdd")
+ #$@(if ipv4only?
+ #~("--ipv4only")
+ '())
+ #$@(if ipv6only?
+ #~("--ipv6only")
+ '())
+ #$@(if chroot
+ #~("--chroot" #$chroot)
+ '())
+ #$@(if hoplimit
+ #~("--hoplimit" #$(number->string hoplimit))
+ '())
+ #$@(map (lambda (interfaces)
+ (string-append "--interface=" interfaces))
+ interfaces)
+ #$@(if uuid-device
+ #~("--uuid" #$uuid-device)
+ '())
+ #$@(if domain
+ #~("--domain" #$domain)
+ '())
+ #$@(if hostname
+ #~("--hostname" #$hostname)
+ '())
+ #$@(if preserve-case?
+ #~("--preserve-case")
+ '())
+ #$@(if workgroup
+ #~("--workgroup" #$workgroup)
+ '()))
+ #:user "wsdd"
+ #:group "wsdd"
+ #:log-file "/var/log/wsdd.log"))
+ (stop #~(make-kill-destructor)))))))
+
+(define wsdd-service-type
+ (service-type
+ (name 'wsdd)
+ (description "Web Service Discovery Daemon")
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ wsdd-shepherd-service)
+ (service-extension account-service-type
+ (const wsdd-accounts))
+ (service-extension profile-service-type
+ (compose list wsdd-configuration-package))))
+ (default-value (wsdd-configuration))))
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 18:23:04 GMT) Full text and rfc822 format available.Message #74 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Simon Streit <simon <at> netpanic.org> To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: v2 [PATCH 5/5] gnu: Add wsdd. Date: Fri, 8 Apr 2022 20:21:31 +0200
* gnu/packages/samba.scm (wsdd): New variable.
---
gnu/packages/samba.scm | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index b775ad905c..21a5fe8617 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -500,3 +500,29 @@ (define-public ppp
;; chat is public domain.
(license (list bsd-3 bsd-4 gpl2+ public-domain))))
+(define-public wsdd
+ (package
+ (name "wsdd")
+ (version "0.7.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference (url "https://github.com/christgau/wsdd")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "04an2w6hamnai668ag4vq8x0i09fsg2jrayb4a7ar0x6bn837k7m"))))
+ (build-system copy-build-system)
+ (inputs
+ `(("python" ,python)))
+ (arguments
+ '(#:install-plan
+ '(("src/wsdd.py" "bin/wsdd")
+ ("man/wsdd.1" "share/man/man1/"))))
+ (home-page "https://github.com/christgau/wsdd")
+ (synopsis "A Web Service Discovery host daemon")
+ (description "This daemon allows (Samba) hosts to be found by Web
+Service Dicovery Clients. It also implements the client side of the
+discovery protocol which allows to search for devices implementing
+WSD.")
+ (license expat)))
--
2.34.0
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 21:24:01 GMT) Full text and rfc822 format available.Message #77 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Simon Streit <simon <at> netpanic.org> Cc: 54561 <at> debbugs.gnu.org Subject: Re: bug#54561: [PATCH 0/4] Add service declarations for Samba Date: Fri, 08 Apr 2022 23:23:18 +0200
Hi Simon,
Simon Streit <simon <at> netpanic.org> skribis:
> Please find attached an updated patch series.
It’s a huge amount of work that you did, and that’ll certainly be useful
to many!
> I've made slight changes as follows:
>
> * The reference to further config options in the manual have been removed.
> * Samba's (samba-activation config) procedure has been slightly modified,
> * better cleaned up, regarding the mkdirs. I've done more testing and it
> * appears that samba will only run when /var/{lib,log,run}/samba exist,
> including /var/lib/samba/private. In this case it is chmod now to o700 to
> be on the save side. Debian's directory structure is world readable though.
> In Arch it is o700. If anyone objects, please make it world readable. It
> appears that Samba lives and breathes in these directories, so they better
> be put there.
> * Regarding smb.conf -- while this service technically doesn't need it placed
> at /etc/samba -- is convenient to have it placed there for other tools part
> of the Samba family to read it, and so that others can quickly look into its
> configuration. I'll leave this for further debate whether it can stay there
> or not.
> * The packages samba and wsdd are included in profile-service-type so that they
> are generally available in the system profile.
I didn’t look at everything in detail, but overall that LGTM.
There’s a couple of things that I think would be worth adjusting though:
> services: Add samba service.
> doc: Add "Samba" chapter.
> doc: Add documentation for WSDD service.
> services: Add wsdd service.
> gnu: Add wsdd.
It seems patches are in the wrong order: I’d expect the wsdd package to
come before the wsdd service.
Regarding documentation: by convention, documentation for a service is
added in the same commit that adds the service, so that it’s
self-contained. Could you squash them?
Last, it would be great if you could add a system test under
gnu/tests/samba.scm. Essentially, that test would do what you probably
did manually already: spawning a VM running an OS with
‘samba-service-type’ and/or ‘wsdd-service-type’ and running an SMB
and/or WSD client to make sure the basics work. You can get inspiration
from other system tests there, and see:
https://guix.gnu.org/manual/devel/en/html_node/Running-the-Test-Suite.html
I have minor cosmetic comments that I’ll send separately.
Could you send a v3 addressing these issues?
Thanks!
Ludo’.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 21:27:02 GMT) Full text and rfc822 format available.Message #80 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Simon Streit <simon <at> netpanic.org> Cc: 54561 <at> debbugs.gnu.org Subject: Re: bug#54561: [PATCH 0/4] Add service declarations for Samba Date: Fri, 08 Apr 2022 23:26:20 +0200
Simon Streit <simon <at> netpanic.org> skribis: > * gnu/services/samba.scm (<samba-configuration>): New record. > (samba-service-type): New variable. > (samba-shepherd-services): New Procedure. Just write “New file.”, that’s enough. Please also add it to gnu/local.mk and to po/guix/POTFILES.in. [...] > + #:export (samba-service-type > + samba-configuration > + samba-smb-conf > + > + wsdd-service-type > + wsdd-configuration)) These two lines shouldn’t be here for now. :-) > +(define samba-service-type > + (service-type > + (name 'samba) > + (description "Samba") > + (extensions > + (list (service-extension shepherd-root-service-type > + samba-shepherd-services) > + (service-extension activation-service-type > + samba-activation) > + (service-extension profile-service-type > + (compose list samba-configuration-package)))) > + (default-value (samba-configuration)))) Please add a ‘description’ field with Texinfo markup (it’s the description you see when running ‘guix system search’.)
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 21:36:02 GMT) Full text and rfc822 format available.Message #83 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Simon Streit <simon <at> netpanic.org> Cc: 54561 <at> debbugs.gnu.org Subject: Re: bug#54561: [PATCH 0/4] Add service declarations for Samba Date: Fri, 08 Apr 2022 23:35:48 +0200
Simon Streit <simon <at> netpanic.org> skribis:
> +@cindex samba
> +@cindex smb
“Samba” and “SMB”.
> +The @code{(gnu services samba)} module provides Guix service definitions
s/Guix//
> +for Samba as well as additional helper services. Currently it provides
> +the following services:
> +
> +@subsubheading Samba
Remove colon after “services” (what follows is not a bullet list).
> +Samba provides network shares for folder and printers,
How about:
@uref{https://www.samba.org, Samba} provides networks shares for
folders and printers using the SMB/CIFS protocol commonly used on
Windows.
> it can also be an
> +AD DC for other samba hosts in an heterougenious network with different
What’s an “AD DC”? In general please expand acronyms on their first
occurrence.
> +types of Computer systems.
Lowercase.
> +@defvar{samba-service-type}
Please use @defvr as is done elsewhere in the manual.
> +The service type to enable the samba services @code{samba}, @code{nmbd},
> +@code{smbd} and @code{winbindd}. By default this service type does not
> +run as an AD DC, hence @code{samba} remains disabled. It is recommended
> +that Samba's package is added to the system profile to have the tool-set
Samba is now added to the system profile, right? Should this sentence
be removed?
Ludo’.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 21:42:01 GMT) Full text and rfc822 format available.Message #86 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Simon Streit <simon <at> netpanic.org> Cc: 54561 <at> debbugs.gnu.org Subject: Re: bug#54561: [PATCH 0/4] Add service declarations for Samba Date: Fri, 08 Apr 2022 23:41:16 +0200
Simon Streit <simon <at> netpanic.org> skribis:
> +@cindex wsdd
> +@subsubheading Web Service Discovery Daemon
> +
> +Web Service Discovery Daemon implements the WSD protocoll.
Please provide a bit of context, for example:
The Web Service Discovery daemon (wsdd) implements, not surprisingly,
Web Service Discovery (WSD), a protocol for …
> It is a
> +drop-in replacement for host discovery that lack support for the SMBv1
> +protocol.
That too would need a bit more context IMO.
> +@defvr{Scheme Variable} wsdd-service-type
^
Missing space (in other similar places too).
> +Service type for the Web Service Discoery host daemon. The value for
Typo; but you can write “WSD” here, since that has been introduced
above.
> +@item @code{ipv6only} (default: @code{#f})
> +Only listen to ipv6 addresses. Please note: Activating both options is
> +not possible, since there would be no ip versions to listen to.
“IPv6”, “IP”.
> +@item @code{chroot} (default: @code{#f})
> +Chroot into a sperate directory to prevent access to other directories.
“separate”
> +This is to increase security in case there is a vulnerability in
> +@command{wsdd}.
> +
> +@item @code{hoplimit} (default: @code{1})
s/hoplimit/hop-limit/ (two words), and in the code too.
> +@item @code{hostname} (default: @code{#f})
Likewise, preferably ‘host-name’.
Ludo’.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Fri, 08 Apr 2022 21:44:02 GMT) Full text and rfc822 format available.Message #89 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Simon Streit <simon <at> netpanic.org> Cc: 54561 <at> debbugs.gnu.org Subject: Re: bug#54561: [PATCH 0/4] Add service declarations for Samba Date: Fri, 08 Apr 2022 23:43:33 +0200
Simon Streit <simon <at> netpanic.org> skribis: > * gnu/services/samba.scm (<wsdd-configuration>): New record. > (wsdd-service-type): New variable. > (wsdd-shepherd-services): New procedure. Just “New file.” and add it to gnu/local.mk. > +(define wsdd-shepherd-service > + (match-lambda > + (($ <wsdd-configuration> package ipv4only? ipv6only? chroot hoplimit > + interfaces uuid-device domain hostname > + preserve-case? workgroup) Please use ‘match-record’ instead; it is less error-prone. > +(define wsdd-service-type > + (service-type > + (name 'wsdd) > + (description "Web Service Discovery Daemon") Please write full sentences in ‘description’, possibly with Texinfo markup. Ludo’.
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sat, 09 Apr 2022 08:30:02 GMT) Full text and rfc822 format available.Message #92 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Maxime Devos <maximedevos <at> telenet.be> To: Simon Streit <simon <at> netpanic.org>, 54561 <at> debbugs.gnu.org Subject: Re: [bug#54561] v2 [PATCH 3/5] doc: Add documentation for WSDD service. Date: Sat, 09 Apr 2022 10:29:07 +0200
[Message part 1 (text/plain, inline)]
Simon Streit schreef op vr 08-04-2022 om 20:21 [+0200]:
> +@item @code{hostname} (default: @code{#f})
> +Manually set the hostname rather than letting @command{wsdd} inherit
> +this host's hostname.
In what format does the DNS name need to be:
* with trailing dot: foo.net.
* without trailing dot: foo.net
* non-punycoded: é.net
* punycoded: <something with xn-...>
* doesn't matter
?
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Thu, 28 Jul 2022 22:24:02 GMT) Full text and rfc822 format available.Message #95 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 1/4] gnu: samba: Add avahi to inputs. Date: Fri, 29 Jul 2022 00:22:12 +0200
From: Simon Streit <simon <at> netpanic.org>
* gnu/packages/samba.scm (samba) <inputs>: Add avahi.
---
gnu/packages/samba.scm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index f6ead57cc1..da7d9ef2d3 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -12,6 +12,7 @@
;;; Copyright © 2020, 2022 Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
;;; Copyright © 2022 Jean-Pierre De Jesus DIAZ <me <at> jeandudey.tech>
;;; Copyright © 2022 Guillaume Le Vaillant <glv <at> posteo.net>
+;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -40,6 +41,7 @@ (define-module (gnu packages samba)
#:use-module (gnu packages acl)
#:use-module (gnu packages admin)
#:use-module (gnu packages autotools)
+ #:use-module (gnu packages avahi)
#:use-module (gnu packages backup)
#:use-module (gnu packages base)
#:use-module (gnu packages check)
@@ -239,6 +241,7 @@ (define-public samba
#:tests? #f))
(inputs
(list acl
+ avahi
cmocka
cups
gamin
--
2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Thu, 28 Jul 2022 22:24:02 GMT) Full text and rfc822 format available.Message #98 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 3/4] gnu: Add wsdd. Date: Fri, 29 Jul 2022 00:22:14 +0200
From: Simon Streit <simon <at> netpanic.org>
* gnu/packages/samba.scm (wsdd): New variable.
---
gnu/packages/samba.scm | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index da7d9ef2d3..4edcf9c148 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -35,6 +35,7 @@ (define-module (gnu packages samba)
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system copy)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix utils)
#:use-module (gnu packages)
@@ -505,3 +506,30 @@ (define-public ppp
license:bsd-4
license:gpl2+
license:public-domain))))
+
+(define-public wsdd
+ (package
+ (name "wsdd")
+ (version "0.7.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference (url "https://github.com/christgau/wsdd")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "04an2w6hamnai668ag4vq8x0i09fsg2jrayb4a7ar0x6bn837k7m"))))
+ (build-system copy-build-system)
+ (inputs
+ `(("python" ,python)))
+ (arguments
+ '(#:install-plan
+ '(("src/wsdd.py" "bin/wsdd")
+ ("man/wsdd.1" "share/man/man1/"))))
+ (home-page "https://github.com/christgau/wsdd")
+ (synopsis "A Web Service Discovery host daemon")
+ (description "This daemon allows (Samba) hosts to be found by Web
+Service Dicovery Clients. It also implements the client side of the
+discovery protocol which allows to search for devices implementing
+WSD.")
+ (license license:expat)))
--
2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Thu, 28 Jul 2022 22:24:03 GMT) Full text and rfc822 format available.Message #101 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 2/4] services: Add samba service. Date: Fri, 29 Jul 2022 00:22:13 +0200
From: Simon Streit <simon <at> netpanic.org>
* doc/guix.texi: Document it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/local.mk (samba.scm): Add it.
* gnu/services/samba.scm: New file.
* gnu/tests/samba.scm: New file.
* po/guix/POTFILES.in Add it.
---
doc/guix.texi | 53 ++++++++++++
gnu/local.mk | 2 +
gnu/services/samba.scm | 182 +++++++++++++++++++++++++++++++++++++++++
gnu/tests/samba.scm | 158 +++++++++++++++++++++++++++++++++++
po/guix/POTFILES.in | 1 +
5 files changed, 396 insertions(+)
create mode 100644 gnu/services/samba.scm
create mode 100644 gnu/tests/samba.scm
diff --git a/doc/guix.texi b/doc/guix.texi
index 12ecc1b952..614d0a0e03 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -106,6 +106,7 @@ Copyright @copyright{} 2022 Philip M <at> sup{c}Grath@*
Copyright @copyright{} 2022 Karl Hallsby@*
Copyright @copyright{} 2022 Justin Veilleux@*
Copyright @copyright{} 2022 Reily Siegel@*
+Copyright @copyright{} 2022 Simon Streit@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -385,6 +386,7 @@ Services
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
+* Samba Services:: Samba services.
* Continuous Integration:: Cuirass and Laminar services.
* Power Management Services:: Extending battery life.
* Audio Services:: The MPD.
@@ -17451,6 +17453,7 @@ declaration.
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
+* Samba Services:: Samba services.
* Continuous Integration:: Cuirass and Laminar services.
* Power Management Services:: Extending battery life.
* Audio Services:: The MPD.
@@ -31194,6 +31197,56 @@ The verbosity level of the daemon.
@end table
@end deftp
+@node Samba Services, Continuous Integration, Network File System, Services
+@subsection Samba Services
+
+@cindex Samba
+@cindex SMB
+The @code{(gnu services samba)} module provides service definitions for
+Samba as well as additional helper services. Currently it provides the
+following services.
+
+@subsubheading Samba
+
+@uref{https://www.samba.org, Samba} provides network shares for folders
+and printers using the SMB/CIFS protocol commonly used on Windows. It
+can also act as an Active Directory Domain Controller (AD DC) for other
+hosts in an heterougenious network with different types of Computer
+systems.
+
+@defvar {Scheme variable} samba-service-type
+
+The service type to enable the samba services @code{samba}, @code{nmbd},
+@code{smbd} and @code{winbindd}. By default this service type does not
+run as an AD DC, hence @code{samba} remains disabled.
+
+@end defvar
+
+@deftp{Data Type} samba-service-configuration
+Configuration record for the Samba suite.
+
+@table @asis
+@item @code{package} (default: @code{samba})
+The samba package to use.
+
+@item @code{config-file} (default: @code{#f})
+The config file to use.
+
+@item @code{enable-samba?} (default: @code{#f})
+Manually enable the @code{samba} daemon.
+
+@item @code{enable-smbd?} (default: @code{#f})
+Manually enable the @code{smbd} daemon.
+
+@item @code{enable-nmbd?} (default: @code{#f})
+Manually enable the @code{nmbd} daemon.
+
+@item @code{enable-winbindd?} (default: @code{#f})
+Manually enable the @code{winbindd} daemon.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
diff --git a/gnu/local.mk b/gnu/local.mk
index 72637761d5..9c1f5ff5b8 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -676,6 +676,7 @@ GNU_SYSTEM_MODULES = \
%D%/services/herd.scm \
%D%/services/pm.scm \
%D%/services/rsync.scm \
+ %D%/services/samba.scm \
%D%/services/sddm.scm \
%D%/services/spice.scm \
%D%/services/ssh.scm \
@@ -754,6 +755,7 @@ GNU_SYSTEM_MODULES = \
%D%/tests/package-management.scm \
%D%/tests/reconfigure.scm \
%D%/tests/rsync.scm \
+ %D%/tests/samba.scm \
%D%/tests/security-token.scm \
%D%/tests/singularity.scm \
%D%/tests/ssh.scm \
diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm
new file mode 100644
index 0000000000..2c9e52a0b0
--- /dev/null
+++ b/gnu/services/samba.scm
@@ -0,0 +1,182 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services samba)
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages admin)
+ #:use-module (gnu packages samba)
+
+ #:use-module (gnu services)
+ #:use-module (gnu services configuration)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu services base)
+ #:use-module (gnu system shadow)
+
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix modules)
+ #:use-module (guix records)
+
+ #:use-module (ice-9 format)
+ #:use-module (ice-9 match)
+ #:use-module (ice-9 textual-ports)
+ #:use-module (srfi srfi-1)
+
+ #:export (samba-service-type
+ samba-configuration
+ samba-smb-conf))
+
+(define %smb-conf
+ (plain-file "smb.conf" "[global]
+ workgroup = WORKGROUP
+ server string = Samba Server
+ server role = standalone server
+ log file = /var/log/samba/log.%m
+ logging = file
+"))
+
+(define-record-type* <samba-configuration>
+ samba-configuration
+ make-samba-configuration
+ samba-configuration?
+ (package samba-configuration-package
+ (default samba))
+ (config-file samba-configuration-config-file
+ (default #f))
+ (enable-samba? samba-configuration-enable-samba?
+ (default #f))
+ (enable-smbd? samba-configuration-enable-smbd?
+ (default #t))
+ (enable-nmbd? samba-configuration-enable-nmbd?
+ (default #t))
+ (enable-winbindd? samba-configuration-enable-winbindd?
+ (default #t)))
+
+(define (samba-activation config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (with-imported-modules '((guix build utils))
+ (let ((lib-dir "/var/lib/samba")
+ (log-dir "/var/log/samba")
+ (run-dir "/var/run/samba")
+ (lock-dir "/var/lock/samba")
+ (cache-dir "/var/cache/samba")
+ (etc-dir "/etc/samba")
+ (smb.conf "/etc/samba/smb.conf"))
+ #~(begin
+ (use-modules (guix build utils))
+ (mkdir-p #$etc-dir)
+ (mkdir-p #$lib-dir)
+ (mkdir-p/perms (string-append #$lib-dir "/private")
+ (getpwnam "root") #o700)
+ (mkdir-p #$log-dir)
+ (mkdir-p #$run-dir)
+ (mkdir-p #$lock-dir)
+ (mkdir-p #$cache-dir)
+ (copy-file #$config-file #$smb.conf)
+ (invoke #$(file-append package "/bin/testparm")
+ "--suppress-prompt" #$smb.conf))))))
+
+(define (samba-samba-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run Samba")
+ (provision '(samba-samba))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/samba")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-nmbd-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run NMBD")
+ (provision '(samba-nmbd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/nmbd")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-smbd-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run SMBD")
+ (provision '(samba-smbd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/smbd")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-winbindd-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run Winnbindd for Name Service Switch")
+ (provision '(samba-winbindd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/winbindd")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-shepherd-services config)
+ (append (if (samba-configuration-enable-samba? config)
+ (samba-samba-shepherd-service config)
+ '())
+ (if (samba-configuration-enable-nmbd? config)
+ (samba-nmbd-shepherd-service config)
+ '())
+ (if (samba-configuration-enable-smbd? config)
+ (samba-smbd-shepherd-service config)
+ '())
+ (if (samba-configuration-enable-winbindd? config)
+ (samba-winbindd-shepherd-service config)
+ '())))
+
+(define samba-service-type
+ (service-type
+ (name 'samba)
+ (description "Run @uref{https://www.samba.org/, Samba}, a network file and
+print service for all clients using the SMB/CIFS protocol. Samba is an
+important component to seamlessly integrate Linux/Unix Servers and Desktops
+into Active Directory environments. It can function both as a domain
+controller or as a regular domain member.")
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ samba-shepherd-services)
+ (service-extension activation-service-type
+ samba-activation)
+ (service-extension profile-service-type
+ (compose list samba-configuration-package))))
+ (default-value (samba-configuration))))
diff --git a/gnu/tests/samba.scm b/gnu/tests/samba.scm
new file mode 100644
index 0000000000..27d7ea49c3
--- /dev/null
+++ b/gnu/tests/samba.scm
@@ -0,0 +1,158 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu tests samba)
+ #:use-module (gnu tests)
+ #:use-module (gnu system)
+ #:use-module (gnu system vm)
+ #:use-module (gnu services)
+ #:use-module (gnu services networking)
+ #:use-module (gnu services samba)
+ #:use-module (gnu packages samba)
+ #:use-module (guix gexp)
+ #:use-module (guix store)
+ #:export (%test-samba))
+
+
+;;;
+;;; The Samba service.
+;;;
+
+(define %samba-os
+ (let ((base-os (simple-operating-system
+ (simple-service 'create-target-directory activation-service-type
+ #~(begin
+ (mkdir-p "/srv/samba/guest")
+ (chown "/srv/samba/guest"
+ (passwd:uid (getpw "nobody"))
+ (passwd:gid (getpw "nobody")))))
+ (service dhcp-client-service-type)
+ (service samba-service-type
+ (samba-configuration
+ (config-file (plain-file "smb.conf" "
+[global]
+ workgroup = WORKGROUP
+ server string = Samba Server
+ server role = standalone server
+ log file = /var/log/samba/log.%m
+ logging = file
+
+[guest]
+ path = /srv/samba/guest
+ read only = no
+ guest ok = yes
+ guest only = yes
+")))))))
+ (operating-system
+ (inherit base-os)
+ (packages (cons samba (operating-system-packages base-os))))))
+
+(define* (run-samba-test)
+ "Return a test of an OS running Samba service."
+
+ (define vm
+ (virtual-machine
+ (operating-system (marionette-operating-system
+ %samba-os
+ #:imported-modules '((gnu services herd))))
+ (port-forwardings '((8135 . 135)
+ (8137 . 137)
+ (8138 . 138)
+ (8445 . 445)))))
+
+ (define test
+ (with-imported-modules '((gnu build marionette))
+ #~(begin
+ (use-modules (gnu build marionette)
+ (srfi srfi-26)
+ (srfi srfi-64))
+
+ (define marionette
+ (make-marionette '(#$vm)))
+
+ (test-runner-current (system-test-runner #$output))
+ (test-begin "samba")
+
+ (test-assert "samba-smbd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'samba-smbd))
+ marionette))
+
+ (test-assert "samba-nmbd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'samba-nmbd))
+ marionette))
+
+ (test-assert "samba-winbindd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'samba-winbindd))
+ marionette))
+
+ (test-assert "smbd service process id"
+ (let ((pid
+ (number->string (wait-for-file "/var/run/samba/smbd.pid"
+ marionette))))
+ (marionette-eval `(file-exists? (string-append "/proc/" ,pid))
+ marionette)))
+
+ (test-assert "nmbd service process id"
+ (let ((pid
+ (number->string (wait-for-file "/var/run/samba/nmbd.pid"
+ marionette))))
+ (marionette-eval `(file-exists? (string-append "/proc/" ,pid))
+ marionette)))
+
+ (test-assert "winbindd service process id"
+ (let ((pid
+ (number->string (wait-for-file "/var/run/samba/winbindd.pid"
+ marionette))))
+ (marionette-eval `(file-exists? (string-append "/proc/" ,pid))
+ marionette)))
+
+ (test-assert "samba-smbd is listening for peers"
+ (wait-for-tcp-port 445 marionette))
+
+ (test-equal "smbclient connect"
+ 0
+ (marionette-eval
+ '(system* #$(file-append samba "/bin/smbclient")
+ "--list=localhost" "--no-pass")
+ marionette))
+
+ (test-equal "smbclient connect"
+ 0
+ (marionette-eval
+ '(system* #$(file-append samba "/bin/smbclient")
+ "--list=localhost" "--no-pass")
+ marionette))
+
+ (test-end))))
+
+ (gexp->derivation "samba-test" test))
+
+(define %test-samba
+ (system-test
+ (name "samba")
+ (description "Connect to a running Samba daemon.")
+ (value (run-samba-test))))
diff --git a/po/guix/POTFILES.in b/po/guix/POTFILES.in
index f50dd00422..9088a627ff 100644
--- a/po/guix/POTFILES.in
+++ b/po/guix/POTFILES.in
@@ -6,6 +6,7 @@ gnu/services.scm
gnu/system.scm
gnu/services/configuration.scm
gnu/services/shepherd.scm
+gnu/services/samba.scm
gnu/home/services.scm
gnu/home/services/ssh.scm
gnu/home/services/symlink-manager.scm
--
2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Thu, 28 Jul 2022 22:24:03 GMT) Full text and rfc822 format available.Message #104 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 0/4] Add samba and wsdd to services list. Date: Fri, 29 Jul 2022 00:22:11 +0200
From: Simon Streit <simon <at> netpanic.org> Hello, here my third iteration preparing this patch series. Now there are tests included too. There is a slight modification in samba's package declaration to include avahi as a dependency. Samba uses avahi to advertise instances to other hosts that understand mDNS through avahi. Simon Streit (4): gnu: samba: Add avahi to inputs. services: Add samba service. gnu: Add wsdd. services: Add wsdd service. doc/guix.texi | 122 ++++++++++++++++++ gnu/local.mk | 2 + gnu/packages/samba.scm | 31 +++++ gnu/services/samba.scm | 285 +++++++++++++++++++++++++++++++++++++++++ gnu/tests/samba.scm | 217 +++++++++++++++++++++++++++++++ po/guix/POTFILES.in | 1 + 6 files changed, 658 insertions(+) create mode 100644 gnu/services/samba.scm create mode 100644 gnu/tests/samba.scm -- 2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Thu, 28 Jul 2022 22:24:04 GMT) Full text and rfc822 format available.Message #107 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 4/4] services: Add wsdd service. Date: Fri, 29 Jul 2022 00:22:15 +0200
From: Simon Streit <simon <at> netpanic.org>
* doc/guix.texi: Add documentation for wsdd service.
* gnu/services/samba.scm (<wsdd-configuration>): New record.
(wsdd-service-type): New variable.
(wsdd-shepherd-services): New procedure.
* gnu/tests/samba.scm: wsdd test.
---
doc/guix.texi | 69 +++++++++++++++++++++++++++
gnu/services/samba.scm | 105 ++++++++++++++++++++++++++++++++++++++++-
gnu/tests/samba.scm | 61 +++++++++++++++++++++++-
3 files changed, 233 insertions(+), 2 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 614d0a0e03..c168f063c3 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -31247,6 +31247,75 @@ Manually enable the @code{winbindd} daemon.
@end table
@end deftp
+@cindex wsdd
+@subsubheading Web Service Discovery Daemon
+
+Web Service Discovery Daemon implements
+@uref{http://docs.oasis-open.org/ws-dd/discovery/1.1/os/wsdd-discovery-1.1-spec-os.html,
+Web Services Dynamic Discovery} protocol that enables host discovery --
+similar to Avahi -- over Multicast DNS. It is a drop-in replacement for
+SMB hosts that have had SMBv1 disabled for security reasons.
+
+@defvr {Scheme Variable} wsdd-service-type
+
+Service type for the WSD host daemon. The value for
+this service type is a @code{wsdd-configuration} record. The details
+for the @code{wsdd-configuration} record type are given below.
+@end defvr
+
+@deftp{Data Type} wsdd-configuration This data type represents the
+configuration for the wsdd service.
+
+@table @asis
+
+@item @code{package} (default: @code{wsdd})
+The wsdd package to use.
+
+@item @code{ipv4only?} (default: @code{#f})
+Only listen to IPv4 addresses.
+
+@item @code{ipv6only} (default: @code{#f})
+Only listen to IPv6 addresses. Please note: Activating both options is
+not possible, since there would be no IP versions to listen to.
+
+@item @code{chroot} (default: @code{#f})
+Chroot into a separate directory to prevent access to other directories.
+This is to increase security in case there is a vulnerability in
+@command{wsdd}.
+
+@item @code{hop-limit} (default: @code{1})
+Limit to the level of hops for multicast packets. The default is
+@var{1} which should prevent packets from leaving the local network.
+
+@item @code{interface} (default: @code{'()})
+Limit to the given list of interfaces to listen to. By default wsdd
+will listen to all interfaces. Except the loopback interface is never
+used.
+
+@item @code{uuid-device} (default: @code{#f})
+The WSD protocol requires a device to have a UUID. Set this to manually
+assign the service a UUID.
+
+@item @code{domain} (default: @code{#f})
+Notify this host is a member of an Active Directory.
+
+@item @code{host-name} (default: @code{#f})
+Manually set the hostname rather than letting @command{wsdd} inherit
+this host's hostname. Only the host name part of a possible FQDN will
+be used in the default case.
+
+@item @code{preserve-case?} (default: @code{#f})
+By default @command{wsdd} will convert the hostname in workgroup to all
+uppercase. The opposite is true for hostnames in domains. Setting this
+parameter will preserve case.
+
+@item @code{workgroup} (default: @var{"WORKGROUP"})
+Change the name of the workgroup. By default @command{wsdd} reports
+this host being member of a workgroup.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm
index 2c9e52a0b0..c1f9033d63 100644
--- a/gnu/services/samba.scm
+++ b/gnu/services/samba.scm
@@ -41,7 +41,10 @@ (define-module (gnu services samba)
#:export (samba-service-type
samba-configuration
- samba-smb-conf))
+ samba-smb-conf
+
+ wsdd-service-type
+ wsdd-configuration))
(define %smb-conf
(plain-file "smb.conf" "[global]
@@ -180,3 +183,103 @@ (define samba-service-type
(service-extension profile-service-type
(compose list samba-configuration-package))))
(default-value (samba-configuration))))
+
+
+;;;
+;;; WSDD
+;;;
+
+(define-record-type* <wsdd-configuration>
+ wsdd-configuration
+ make-wsdd-configuration
+ wsdd-configuration?
+ (package wsdd-configuration-package
+ (default wsdd))
+ (ipv4only? wsdd-configuration-ipv4only?
+ (default #f))
+ (ipv6only? wsdd-configuration-ipv6only?
+ (default #f))
+ (chroot wsdd-configuration-chroot
+ (default #f))
+ (hoplimit wsdd-configuration-hoplimit
+ (default 1))
+ (interfaces wsdd-configuration-interfaces
+ (default '()))
+ (uuid-device wsdd-configuration-uuid-device
+ (default #f))
+ (domain wsdd-configuration-domain
+ (default #f))
+ (hostname wsdd-configuration-hostname
+ (default #f))
+ (preserve-case? wsdd-configuration-preserve-case?
+ (default #f))
+ (workgroup wsdd-configuration-workgroup
+ (default "WORKGROUP")))
+
+(define wsdd-accounts
+ (list
+ (user-group (name "wsdd"))
+ (user-account (name "wsdd")
+ (group "wsdd")
+ (comment "Web Service Discovery user")
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+(define wsdd-shepherd-service
+ (match-lambda
+ (($ <wsdd-configuration> package ipv4only? ipv6only? chroot hoplimit
+ interfaces uuid-device domain hostname
+ preserve-case? workgroup)
+ (list (shepherd-service
+ (documentation "Run a Web Service Discovery service")
+ (provision '(wsdd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/bin/wsdd")
+ #$@(if ipv4only?
+ #~("--ipv4only")
+ '())
+ #$@(if ipv6only?
+ #~("--ipv6only")
+ '())
+ #$@(if chroot
+ #~("--chroot" #$chroot)
+ '())
+ #$@(if hoplimit
+ #~("--hoplimit" #$(number->string hoplimit))
+ '())
+ #$@(map (lambda (interfaces)
+ (string-append "--interface=" interfaces))
+ interfaces)
+ #$@(if uuid-device
+ #~("--uuid" #$uuid-device)
+ '())
+ #$@(if domain
+ #~("--domain" #$domain)
+ '())
+ #$@(if hostname
+ #~("--hostname" #$hostname)
+ '())
+ #$@(if preserve-case?
+ #~("--preserve-case")
+ '())
+ #$@(if workgroup
+ #~("--workgroup" #$workgroup)
+ '()))
+ #:user "wsdd"
+ #:group "wsdd"
+ #:log-file "/var/log/wsdd.log"))
+ (stop #~(make-kill-destructor)))))))
+
+(define wsdd-service-type
+ (service-type
+ (name 'wsdd)
+ (description "Web Service Discovery Daemon")
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ wsdd-shepherd-service)
+ (service-extension account-service-type
+ (const wsdd-accounts))
+ (service-extension profile-service-type
+ (compose list wsdd-configuration-package))))
+ (default-value (wsdd-configuration))))
diff --git a/gnu/tests/samba.scm b/gnu/tests/samba.scm
index 27d7ea49c3..6b065cd5de 100644
--- a/gnu/tests/samba.scm
+++ b/gnu/tests/samba.scm
@@ -26,7 +26,8 @@ (define-module (gnu tests samba)
#:use-module (gnu packages samba)
#:use-module (guix gexp)
#:use-module (guix store)
- #:export (%test-samba))
+ #:export (%test-samba
+ %test-wsdd))
;;;
@@ -156,3 +157,61 @@ (define %test-samba
(name "samba")
(description "Connect to a running Samba daemon.")
(value (run-samba-test))))
+
+
+;;;
+;;; The wsdd service.
+;;;
+
+(define %wsdd-os
+ (let ((base-os (simple-operating-system
+ (service dhcp-client-service-type)
+ (service wsdd-service-type))))
+ (operating-system
+ (inherit base-os)
+ (packages (cons wsdd (operating-system-packages base-os))))))
+
+(define* (run-wsdd-test)
+ "Return a test of an OS running wsdd service."
+
+ (define vm
+ (virtual-machine
+ (operating-system (marionette-operating-system
+ %wsdd-os
+ #:imported-modules '((gnu services herd))))
+ (port-forwardings '((8135 . 135)
+ (8137 . 137)
+ (8138 . 138)
+ (8445 . 445)))))
+
+ (define test
+ (with-imported-modules '((gnu build marionette))
+ #~(begin
+ (use-modules (gnu build marionette)
+ (srfi srfi-26)
+ (srfi srfi-64))
+
+ (define marionette
+ (make-marionette '(#$vm)))
+
+ (test-runner-current (system-test-runner #$output))
+ (test-begin "wsdd")
+
+ ;; Here shall be more tests to begin with.
+
+ (test-assert "wsdd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'wsdd))
+ marionette))
+
+ (test-end))))
+
+ (gexp->derivation "samba-test" test))
+
+(define %test-wsdd
+ (system-test
+ (name "wsdd")
+ (description "Connect to a running wsdd daemon.")
+ (value (run-wsdd-test))))
--
2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Mon, 08 Aug 2022 14:57:02 GMT) Full text and rfc822 format available.Message #110 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 0/4] Add samba and wsdd to services list. Date: Mon, 8 Aug 2022 16:56:39 +0200
From: Simon Streit <simon <at> netpanic.org> Hello, here my third iteration preparing this patch series. Now there are tests included too. There is a slight modification in samba's package declaration to include avahi as a dependency. Samba uses avahi to advertise instances to other hosts that understand mDNS through avahi. Simon Streit (4): gnu: samba: Add avahi to inputs. services: Add samba service. gnu: Add wsdd. services: Add wsdd service. doc/guix.texi | 122 ++++++++++++++++++ gnu/local.mk | 2 + gnu/packages/samba.scm | 31 +++++ gnu/services/samba.scm | 285 +++++++++++++++++++++++++++++++++++++++++ gnu/tests/samba.scm | 217 +++++++++++++++++++++++++++++++ po/guix/POTFILES.in | 1 + 6 files changed, 658 insertions(+) create mode 100644 gnu/services/samba.scm create mode 100644 gnu/tests/samba.scm -- 2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Mon, 08 Aug 2022 14:57:03 GMT) Full text and rfc822 format available.Message #113 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 2/4] services: Add samba service. Date: Mon, 8 Aug 2022 16:56:41 +0200
From: Simon Streit <simon <at> netpanic.org>
* doc/guix.texi: Document it.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* gnu/local.mk (samba.scm): Add it.
* gnu/services/samba.scm: New file.
* gnu/tests/samba.scm: New file.
* po/guix/POTFILES.in Add it.
---
doc/guix.texi | 53 ++++++++++++
gnu/local.mk | 2 +
gnu/services/samba.scm | 182 +++++++++++++++++++++++++++++++++++++++++
gnu/tests/samba.scm | 158 +++++++++++++++++++++++++++++++++++
po/guix/POTFILES.in | 1 +
5 files changed, 396 insertions(+)
create mode 100644 gnu/services/samba.scm
create mode 100644 gnu/tests/samba.scm
diff --git a/doc/guix.texi b/doc/guix.texi
index 12ecc1b952..614d0a0e03 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -106,6 +106,7 @@ Copyright @copyright{} 2022 Philip M <at> sup{c}Grath@*
Copyright @copyright{} 2022 Karl Hallsby@*
Copyright @copyright{} 2022 Justin Veilleux@*
Copyright @copyright{} 2022 Reily Siegel@*
+Copyright @copyright{} 2022 Simon Streit@*
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -385,6 +386,7 @@ Services
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
+* Samba Services:: Samba services.
* Continuous Integration:: Cuirass and Laminar services.
* Power Management Services:: Extending battery life.
* Audio Services:: The MPD.
@@ -17451,6 +17453,7 @@ declaration.
* DNS Services:: DNS daemons.
* VPN Services:: VPN daemons.
* Network File System:: NFS related services.
+* Samba Services:: Samba services.
* Continuous Integration:: Cuirass and Laminar services.
* Power Management Services:: Extending battery life.
* Audio Services:: The MPD.
@@ -31194,6 +31197,56 @@ The verbosity level of the daemon.
@end table
@end deftp
+@node Samba Services, Continuous Integration, Network File System, Services
+@subsection Samba Services
+
+@cindex Samba
+@cindex SMB
+The @code{(gnu services samba)} module provides service definitions for
+Samba as well as additional helper services. Currently it provides the
+following services.
+
+@subsubheading Samba
+
+@uref{https://www.samba.org, Samba} provides network shares for folders
+and printers using the SMB/CIFS protocol commonly used on Windows. It
+can also act as an Active Directory Domain Controller (AD DC) for other
+hosts in an heterougenious network with different types of Computer
+systems.
+
+@defvar {Scheme variable} samba-service-type
+
+The service type to enable the samba services @code{samba}, @code{nmbd},
+@code{smbd} and @code{winbindd}. By default this service type does not
+run as an AD DC, hence @code{samba} remains disabled.
+
+@end defvar
+
+@deftp{Data Type} samba-service-configuration
+Configuration record for the Samba suite.
+
+@table @asis
+@item @code{package} (default: @code{samba})
+The samba package to use.
+
+@item @code{config-file} (default: @code{#f})
+The config file to use.
+
+@item @code{enable-samba?} (default: @code{#f})
+Manually enable the @code{samba} daemon.
+
+@item @code{enable-smbd?} (default: @code{#f})
+Manually enable the @code{smbd} daemon.
+
+@item @code{enable-nmbd?} (default: @code{#f})
+Manually enable the @code{nmbd} daemon.
+
+@item @code{enable-winbindd?} (default: @code{#f})
+Manually enable the @code{winbindd} daemon.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
diff --git a/gnu/local.mk b/gnu/local.mk
index 72637761d5..9c1f5ff5b8 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -676,6 +676,7 @@ GNU_SYSTEM_MODULES = \
%D%/services/herd.scm \
%D%/services/pm.scm \
%D%/services/rsync.scm \
+ %D%/services/samba.scm \
%D%/services/sddm.scm \
%D%/services/spice.scm \
%D%/services/ssh.scm \
@@ -754,6 +755,7 @@ GNU_SYSTEM_MODULES = \
%D%/tests/package-management.scm \
%D%/tests/reconfigure.scm \
%D%/tests/rsync.scm \
+ %D%/tests/samba.scm \
%D%/tests/security-token.scm \
%D%/tests/singularity.scm \
%D%/tests/ssh.scm \
diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm
new file mode 100644
index 0000000000..2c9e52a0b0
--- /dev/null
+++ b/gnu/services/samba.scm
@@ -0,0 +1,182 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services samba)
+
+ #:use-module (gnu packages)
+ #:use-module (gnu packages base)
+ #:use-module (gnu packages admin)
+ #:use-module (gnu packages samba)
+
+ #:use-module (gnu services)
+ #:use-module (gnu services configuration)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu services base)
+ #:use-module (gnu system shadow)
+
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix modules)
+ #:use-module (guix records)
+
+ #:use-module (ice-9 format)
+ #:use-module (ice-9 match)
+ #:use-module (ice-9 textual-ports)
+ #:use-module (srfi srfi-1)
+
+ #:export (samba-service-type
+ samba-configuration
+ samba-smb-conf))
+
+(define %smb-conf
+ (plain-file "smb.conf" "[global]
+ workgroup = WORKGROUP
+ server string = Samba Server
+ server role = standalone server
+ log file = /var/log/samba/log.%m
+ logging = file
+"))
+
+(define-record-type* <samba-configuration>
+ samba-configuration
+ make-samba-configuration
+ samba-configuration?
+ (package samba-configuration-package
+ (default samba))
+ (config-file samba-configuration-config-file
+ (default #f))
+ (enable-samba? samba-configuration-enable-samba?
+ (default #f))
+ (enable-smbd? samba-configuration-enable-smbd?
+ (default #t))
+ (enable-nmbd? samba-configuration-enable-nmbd?
+ (default #t))
+ (enable-winbindd? samba-configuration-enable-winbindd?
+ (default #t)))
+
+(define (samba-activation config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (with-imported-modules '((guix build utils))
+ (let ((lib-dir "/var/lib/samba")
+ (log-dir "/var/log/samba")
+ (run-dir "/var/run/samba")
+ (lock-dir "/var/lock/samba")
+ (cache-dir "/var/cache/samba")
+ (etc-dir "/etc/samba")
+ (smb.conf "/etc/samba/smb.conf"))
+ #~(begin
+ (use-modules (guix build utils))
+ (mkdir-p #$etc-dir)
+ (mkdir-p #$lib-dir)
+ (mkdir-p/perms (string-append #$lib-dir "/private")
+ (getpwnam "root") #o700)
+ (mkdir-p #$log-dir)
+ (mkdir-p #$run-dir)
+ (mkdir-p #$lock-dir)
+ (mkdir-p #$cache-dir)
+ (copy-file #$config-file #$smb.conf)
+ (invoke #$(file-append package "/bin/testparm")
+ "--suppress-prompt" #$smb.conf))))))
+
+(define (samba-samba-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run Samba")
+ (provision '(samba-samba))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/samba")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-nmbd-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run NMBD")
+ (provision '(samba-nmbd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/nmbd")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-smbd-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run SMBD")
+ (provision '(samba-smbd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/smbd")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-winbindd-shepherd-service config)
+ (let ((package (samba-configuration-package config))
+ (config-file (samba-configuration-config-file config)))
+ (list (shepherd-service
+ (documentation "Run Winnbindd for Name Service Switch")
+ (provision '(samba-winbindd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/sbin/winbindd")
+ (string-append "--configfile=" #$config-file)
+ "--foreground"
+ "--no-process-group")))
+ (stop #~(make-kill-destructor))))))
+
+(define (samba-shepherd-services config)
+ (append (if (samba-configuration-enable-samba? config)
+ (samba-samba-shepherd-service config)
+ '())
+ (if (samba-configuration-enable-nmbd? config)
+ (samba-nmbd-shepherd-service config)
+ '())
+ (if (samba-configuration-enable-smbd? config)
+ (samba-smbd-shepherd-service config)
+ '())
+ (if (samba-configuration-enable-winbindd? config)
+ (samba-winbindd-shepherd-service config)
+ '())))
+
+(define samba-service-type
+ (service-type
+ (name 'samba)
+ (description "Run @uref{https://www.samba.org/, Samba}, a network file and
+print service for all clients using the SMB/CIFS protocol. Samba is an
+important component to seamlessly integrate Linux/Unix Servers and Desktops
+into Active Directory environments. It can function both as a domain
+controller or as a regular domain member.")
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ samba-shepherd-services)
+ (service-extension activation-service-type
+ samba-activation)
+ (service-extension profile-service-type
+ (compose list samba-configuration-package))))
+ (default-value (samba-configuration))))
diff --git a/gnu/tests/samba.scm b/gnu/tests/samba.scm
new file mode 100644
index 0000000000..27d7ea49c3
--- /dev/null
+++ b/gnu/tests/samba.scm
@@ -0,0 +1,158 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu tests samba)
+ #:use-module (gnu tests)
+ #:use-module (gnu system)
+ #:use-module (gnu system vm)
+ #:use-module (gnu services)
+ #:use-module (gnu services networking)
+ #:use-module (gnu services samba)
+ #:use-module (gnu packages samba)
+ #:use-module (guix gexp)
+ #:use-module (guix store)
+ #:export (%test-samba))
+
+
+;;;
+;;; The Samba service.
+;;;
+
+(define %samba-os
+ (let ((base-os (simple-operating-system
+ (simple-service 'create-target-directory activation-service-type
+ #~(begin
+ (mkdir-p "/srv/samba/guest")
+ (chown "/srv/samba/guest"
+ (passwd:uid (getpw "nobody"))
+ (passwd:gid (getpw "nobody")))))
+ (service dhcp-client-service-type)
+ (service samba-service-type
+ (samba-configuration
+ (config-file (plain-file "smb.conf" "
+[global]
+ workgroup = WORKGROUP
+ server string = Samba Server
+ server role = standalone server
+ log file = /var/log/samba/log.%m
+ logging = file
+
+[guest]
+ path = /srv/samba/guest
+ read only = no
+ guest ok = yes
+ guest only = yes
+")))))))
+ (operating-system
+ (inherit base-os)
+ (packages (cons samba (operating-system-packages base-os))))))
+
+(define* (run-samba-test)
+ "Return a test of an OS running Samba service."
+
+ (define vm
+ (virtual-machine
+ (operating-system (marionette-operating-system
+ %samba-os
+ #:imported-modules '((gnu services herd))))
+ (port-forwardings '((8135 . 135)
+ (8137 . 137)
+ (8138 . 138)
+ (8445 . 445)))))
+
+ (define test
+ (with-imported-modules '((gnu build marionette))
+ #~(begin
+ (use-modules (gnu build marionette)
+ (srfi srfi-26)
+ (srfi srfi-64))
+
+ (define marionette
+ (make-marionette '(#$vm)))
+
+ (test-runner-current (system-test-runner #$output))
+ (test-begin "samba")
+
+ (test-assert "samba-smbd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'samba-smbd))
+ marionette))
+
+ (test-assert "samba-nmbd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'samba-nmbd))
+ marionette))
+
+ (test-assert "samba-winbindd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'samba-winbindd))
+ marionette))
+
+ (test-assert "smbd service process id"
+ (let ((pid
+ (number->string (wait-for-file "/var/run/samba/smbd.pid"
+ marionette))))
+ (marionette-eval `(file-exists? (string-append "/proc/" ,pid))
+ marionette)))
+
+ (test-assert "nmbd service process id"
+ (let ((pid
+ (number->string (wait-for-file "/var/run/samba/nmbd.pid"
+ marionette))))
+ (marionette-eval `(file-exists? (string-append "/proc/" ,pid))
+ marionette)))
+
+ (test-assert "winbindd service process id"
+ (let ((pid
+ (number->string (wait-for-file "/var/run/samba/winbindd.pid"
+ marionette))))
+ (marionette-eval `(file-exists? (string-append "/proc/" ,pid))
+ marionette)))
+
+ (test-assert "samba-smbd is listening for peers"
+ (wait-for-tcp-port 445 marionette))
+
+ (test-equal "smbclient connect"
+ 0
+ (marionette-eval
+ '(system* #$(file-append samba "/bin/smbclient")
+ "--list=localhost" "--no-pass")
+ marionette))
+
+ (test-equal "smbclient connect"
+ 0
+ (marionette-eval
+ '(system* #$(file-append samba "/bin/smbclient")
+ "--list=localhost" "--no-pass")
+ marionette))
+
+ (test-end))))
+
+ (gexp->derivation "samba-test" test))
+
+(define %test-samba
+ (system-test
+ (name "samba")
+ (description "Connect to a running Samba daemon.")
+ (value (run-samba-test))))
diff --git a/po/guix/POTFILES.in b/po/guix/POTFILES.in
index f50dd00422..9088a627ff 100644
--- a/po/guix/POTFILES.in
+++ b/po/guix/POTFILES.in
@@ -6,6 +6,7 @@ gnu/services.scm
gnu/system.scm
gnu/services/configuration.scm
gnu/services/shepherd.scm
+gnu/services/samba.scm
gnu/home/services.scm
gnu/home/services/ssh.scm
gnu/home/services/symlink-manager.scm
--
2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Mon, 08 Aug 2022 14:57:03 GMT) Full text and rfc822 format available.Message #116 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 1/4] gnu: samba: Add avahi to inputs. Date: Mon, 8 Aug 2022 16:56:40 +0200
From: Simon Streit <simon <at> netpanic.org>
* gnu/packages/samba.scm (samba) <inputs>: Add avahi.
---
gnu/packages/samba.scm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index f6ead57cc1..da7d9ef2d3 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -12,6 +12,7 @@
;;; Copyright © 2020, 2022 Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
;;; Copyright © 2022 Jean-Pierre De Jesus DIAZ <me <at> jeandudey.tech>
;;; Copyright © 2022 Guillaume Le Vaillant <glv <at> posteo.net>
+;;; Copyright © 2022 Simon Streit <simon <at> netpanic.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -40,6 +41,7 @@ (define-module (gnu packages samba)
#:use-module (gnu packages acl)
#:use-module (gnu packages admin)
#:use-module (gnu packages autotools)
+ #:use-module (gnu packages avahi)
#:use-module (gnu packages backup)
#:use-module (gnu packages base)
#:use-module (gnu packages check)
@@ -239,6 +241,7 @@ (define-public samba
#:tests? #f))
(inputs
(list acl
+ avahi
cmocka
cups
gamin
--
2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Mon, 08 Aug 2022 14:57:03 GMT) Full text and rfc822 format available.Message #119 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 3/4] gnu: Add wsdd. Date: Mon, 8 Aug 2022 16:56:42 +0200
From: Simon Streit <simon <at> netpanic.org>
* gnu/packages/samba.scm (wsdd): New variable.
---
gnu/packages/samba.scm | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/gnu/packages/samba.scm b/gnu/packages/samba.scm
index da7d9ef2d3..4edcf9c148 100644
--- a/gnu/packages/samba.scm
+++ b/gnu/packages/samba.scm
@@ -35,6 +35,7 @@ (define-module (gnu packages samba)
#:use-module (guix download)
#:use-module (guix git-download)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system copy)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix utils)
#:use-module (gnu packages)
@@ -505,3 +506,30 @@ (define-public ppp
license:bsd-4
license:gpl2+
license:public-domain))))
+
+(define-public wsdd
+ (package
+ (name "wsdd")
+ (version "0.7.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference (url "https://github.com/christgau/wsdd")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "04an2w6hamnai668ag4vq8x0i09fsg2jrayb4a7ar0x6bn837k7m"))))
+ (build-system copy-build-system)
+ (inputs
+ `(("python" ,python)))
+ (arguments
+ '(#:install-plan
+ '(("src/wsdd.py" "bin/wsdd")
+ ("man/wsdd.1" "share/man/man1/"))))
+ (home-page "https://github.com/christgau/wsdd")
+ (synopsis "A Web Service Discovery host daemon")
+ (description "This daemon allows (Samba) hosts to be found by Web
+Service Dicovery Clients. It also implements the client side of the
+discovery protocol which allows to search for devices implementing
+WSD.")
+ (license license:expat)))
--
2.37.1
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Mon, 08 Aug 2022 14:58:02 GMT) Full text and rfc822 format available.Message #122 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: simon <at> netpanic.org To: 54561 <at> debbugs.gnu.org Cc: Simon Streit <simon <at> netpanic.org> Subject: [PATCH v3 4/4] services: Add wsdd service. Date: Mon, 8 Aug 2022 16:56:43 +0200
From: Simon Streit <simon <at> netpanic.org>
* doc/guix.texi: Add documentation for wsdd service.
* gnu/services/samba.scm (<wsdd-configuration>): New record.
(wsdd-service-type): New variable.
(wsdd-shepherd-services): New procedure.
* gnu/tests/samba.scm: wsdd test.
---
doc/guix.texi | 69 +++++++++++++++++++++++++++
gnu/services/samba.scm | 105 ++++++++++++++++++++++++++++++++++++++++-
gnu/tests/samba.scm | 61 +++++++++++++++++++++++-
3 files changed, 233 insertions(+), 2 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 614d0a0e03..c168f063c3 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -31247,6 +31247,75 @@ Manually enable the @code{winbindd} daemon.
@end table
@end deftp
+@cindex wsdd
+@subsubheading Web Service Discovery Daemon
+
+Web Service Discovery Daemon implements
+@uref{http://docs.oasis-open.org/ws-dd/discovery/1.1/os/wsdd-discovery-1.1-spec-os.html,
+Web Services Dynamic Discovery} protocol that enables host discovery --
+similar to Avahi -- over Multicast DNS. It is a drop-in replacement for
+SMB hosts that have had SMBv1 disabled for security reasons.
+
+@defvr {Scheme Variable} wsdd-service-type
+
+Service type for the WSD host daemon. The value for
+this service type is a @code{wsdd-configuration} record. The details
+for the @code{wsdd-configuration} record type are given below.
+@end defvr
+
+@deftp{Data Type} wsdd-configuration This data type represents the
+configuration for the wsdd service.
+
+@table @asis
+
+@item @code{package} (default: @code{wsdd})
+The wsdd package to use.
+
+@item @code{ipv4only?} (default: @code{#f})
+Only listen to IPv4 addresses.
+
+@item @code{ipv6only} (default: @code{#f})
+Only listen to IPv6 addresses. Please note: Activating both options is
+not possible, since there would be no IP versions to listen to.
+
+@item @code{chroot} (default: @code{#f})
+Chroot into a separate directory to prevent access to other directories.
+This is to increase security in case there is a vulnerability in
+@command{wsdd}.
+
+@item @code{hop-limit} (default: @code{1})
+Limit to the level of hops for multicast packets. The default is
+@var{1} which should prevent packets from leaving the local network.
+
+@item @code{interface} (default: @code{'()})
+Limit to the given list of interfaces to listen to. By default wsdd
+will listen to all interfaces. Except the loopback interface is never
+used.
+
+@item @code{uuid-device} (default: @code{#f})
+The WSD protocol requires a device to have a UUID. Set this to manually
+assign the service a UUID.
+
+@item @code{domain} (default: @code{#f})
+Notify this host is a member of an Active Directory.
+
+@item @code{host-name} (default: @code{#f})
+Manually set the hostname rather than letting @command{wsdd} inherit
+this host's hostname. Only the host name part of a possible FQDN will
+be used in the default case.
+
+@item @code{preserve-case?} (default: @code{#f})
+By default @command{wsdd} will convert the hostname in workgroup to all
+uppercase. The opposite is true for hostnames in domains. Setting this
+parameter will preserve case.
+
+@item @code{workgroup} (default: @var{"WORKGROUP"})
+Change the name of the workgroup. By default @command{wsdd} reports
+this host being member of a workgroup.
+
+@end table
+@end deftp
+
@node Continuous Integration
@subsection Continuous Integration
diff --git a/gnu/services/samba.scm b/gnu/services/samba.scm
index 2c9e52a0b0..c1f9033d63 100644
--- a/gnu/services/samba.scm
+++ b/gnu/services/samba.scm
@@ -41,7 +41,10 @@ (define-module (gnu services samba)
#:export (samba-service-type
samba-configuration
- samba-smb-conf))
+ samba-smb-conf
+
+ wsdd-service-type
+ wsdd-configuration))
(define %smb-conf
(plain-file "smb.conf" "[global]
@@ -180,3 +183,103 @@ (define samba-service-type
(service-extension profile-service-type
(compose list samba-configuration-package))))
(default-value (samba-configuration))))
+
+
+;;;
+;;; WSDD
+;;;
+
+(define-record-type* <wsdd-configuration>
+ wsdd-configuration
+ make-wsdd-configuration
+ wsdd-configuration?
+ (package wsdd-configuration-package
+ (default wsdd))
+ (ipv4only? wsdd-configuration-ipv4only?
+ (default #f))
+ (ipv6only? wsdd-configuration-ipv6only?
+ (default #f))
+ (chroot wsdd-configuration-chroot
+ (default #f))
+ (hoplimit wsdd-configuration-hoplimit
+ (default 1))
+ (interfaces wsdd-configuration-interfaces
+ (default '()))
+ (uuid-device wsdd-configuration-uuid-device
+ (default #f))
+ (domain wsdd-configuration-domain
+ (default #f))
+ (hostname wsdd-configuration-hostname
+ (default #f))
+ (preserve-case? wsdd-configuration-preserve-case?
+ (default #f))
+ (workgroup wsdd-configuration-workgroup
+ (default "WORKGROUP")))
+
+(define wsdd-accounts
+ (list
+ (user-group (name "wsdd"))
+ (user-account (name "wsdd")
+ (group "wsdd")
+ (comment "Web Service Discovery user")
+ (home-directory "/var/empty")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+(define wsdd-shepherd-service
+ (match-lambda
+ (($ <wsdd-configuration> package ipv4only? ipv6only? chroot hoplimit
+ interfaces uuid-device domain hostname
+ preserve-case? workgroup)
+ (list (shepherd-service
+ (documentation "Run a Web Service Discovery service")
+ (provision '(wsdd))
+ (requirement '(networking))
+ (start #~(make-forkexec-constructor
+ (list #$(file-append package "/bin/wsdd")
+ #$@(if ipv4only?
+ #~("--ipv4only")
+ '())
+ #$@(if ipv6only?
+ #~("--ipv6only")
+ '())
+ #$@(if chroot
+ #~("--chroot" #$chroot)
+ '())
+ #$@(if hoplimit
+ #~("--hoplimit" #$(number->string hoplimit))
+ '())
+ #$@(map (lambda (interfaces)
+ (string-append "--interface=" interfaces))
+ interfaces)
+ #$@(if uuid-device
+ #~("--uuid" #$uuid-device)
+ '())
+ #$@(if domain
+ #~("--domain" #$domain)
+ '())
+ #$@(if hostname
+ #~("--hostname" #$hostname)
+ '())
+ #$@(if preserve-case?
+ #~("--preserve-case")
+ '())
+ #$@(if workgroup
+ #~("--workgroup" #$workgroup)
+ '()))
+ #:user "wsdd"
+ #:group "wsdd"
+ #:log-file "/var/log/wsdd.log"))
+ (stop #~(make-kill-destructor)))))))
+
+(define wsdd-service-type
+ (service-type
+ (name 'wsdd)
+ (description "Web Service Discovery Daemon")
+ (extensions
+ (list (service-extension shepherd-root-service-type
+ wsdd-shepherd-service)
+ (service-extension account-service-type
+ (const wsdd-accounts))
+ (service-extension profile-service-type
+ (compose list wsdd-configuration-package))))
+ (default-value (wsdd-configuration))))
diff --git a/gnu/tests/samba.scm b/gnu/tests/samba.scm
index 27d7ea49c3..6b065cd5de 100644
--- a/gnu/tests/samba.scm
+++ b/gnu/tests/samba.scm
@@ -26,7 +26,8 @@ (define-module (gnu tests samba)
#:use-module (gnu packages samba)
#:use-module (guix gexp)
#:use-module (guix store)
- #:export (%test-samba))
+ #:export (%test-samba
+ %test-wsdd))
;;;
@@ -156,3 +157,61 @@ (define %test-samba
(name "samba")
(description "Connect to a running Samba daemon.")
(value (run-samba-test))))
+
+
+;;;
+;;; The wsdd service.
+;;;
+
+(define %wsdd-os
+ (let ((base-os (simple-operating-system
+ (service dhcp-client-service-type)
+ (service wsdd-service-type))))
+ (operating-system
+ (inherit base-os)
+ (packages (cons wsdd (operating-system-packages base-os))))))
+
+(define* (run-wsdd-test)
+ "Return a test of an OS running wsdd service."
+
+ (define vm
+ (virtual-machine
+ (operating-system (marionette-operating-system
+ %wsdd-os
+ #:imported-modules '((gnu services herd))))
+ (port-forwardings '((8135 . 135)
+ (8137 . 137)
+ (8138 . 138)
+ (8445 . 445)))))
+
+ (define test
+ (with-imported-modules '((gnu build marionette))
+ #~(begin
+ (use-modules (gnu build marionette)
+ (srfi srfi-26)
+ (srfi srfi-64))
+
+ (define marionette
+ (make-marionette '(#$vm)))
+
+ (test-runner-current (system-test-runner #$output))
+ (test-begin "wsdd")
+
+ ;; Here shall be more tests to begin with.
+
+ (test-assert "wsdd running"
+ (marionette-eval
+ '(begin
+ (use-modules (gnu services herd))
+ (start-service 'wsdd))
+ marionette))
+
+ (test-end))))
+
+ (gexp->derivation "samba-test" test))
+
+(define %test-wsdd
+ (system-test
+ (name "wsdd")
+ (description "Connect to a running wsdd daemon.")
+ (value (run-wsdd-test))))
--
2.37.1
Lars-Dominik Braun <lars <at> 6xq.net>:Simon Streit <simon <at> netpanic.org>:Message #127 received at 54561-done <at> debbugs.gnu.org (full text, mbox):
From: Lars-Dominik Braun <lars <at> 6xq.net> To: simon <at> netpanic.org Cc: 54561-done <at> debbugs.gnu.org Subject: Re: [PATCH v3 0/4] Add samba and wsdd to services list. Date: Sat, 24 Sep 2022 09:48:10 +0200
Hi Simon, > Hello, here my third iteration preparing this patch series. thanks for the update. I’ve been running it on my NAS for a few days and it works quite well. I addressed Ludo’s remaining comments, adjusted your commit messages and pushed your contribution as commit 4cbc1622961f62f8fc3613de0c8f215e0cde6494 and following. Thank you very much, Lars
guix-patches <at> gnu.org:bug#54561; Package guix-patches.
(Sun, 25 Sep 2022 08:23:01 GMT) Full text and rfc822 format available.Message #130 received at 54561 <at> debbugs.gnu.org (full text, mbox):
From: Lars-Dominik Braun <lars <at> 6xq.net> To: simon <at> netpanic.org Cc: 54561 <at> debbugs.gnu.org Subject: Re: [PATCH v3 0/4] Add samba and wsdd to services list. Date: Sun, 25 Sep 2022 10:22:36 +0200
Hi, > > Hello, here my third iteration preparing this patch series. > thanks for the update. I’ve been running it on my NAS for a few days > and it works quite well. I addressed Ludo’s remaining comments, > adjusted your commit messages and pushed your contribution as commit > 4cbc1622961f62f8fc3613de0c8f215e0cde6494 and following. I had to revert the commit adding avahi to samba in commit dc7191302e6d099a26673e08b78eb5f4b2a2b17b and added it to core-updates as commit 4d0befe66ae7fa731b566090b471107bc4828018 instead, because it caused too many rebuilds. Lars
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Sun, 23 Oct 2022 11:24:09 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.