GNU bug report logs - #63786
[PATCH] home: services: ssh: Allow unset boolean options in ssh-config.

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Efraim Flashner <efraim <at> flashner.co.il>
Subject: bug#63786: closed (Re: [bug#63786] [PATCH] home: services: ssh:
 Allow unset boolean)
Date: Wed, 14 Jun 2023 19:17:02 +0000

[Message part 1 (text/plain, inline)]

Your bug report

#63786: [PATCH] home: services: ssh: Allow unset boolean options in ssh-config.

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 63786 <at> debbugs.gnu.org.

-- 
63786: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=63786
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Efraim Flashner <efraim <at> flashner.co.il>
To: Andrew Tropin <andrew <at> trop.in>
Cc: 63786-done <at> debbugs.gnu.org
Subject: Re: [bug#63786] [PATCH] home: services: ssh: Allow unset boolean
Date: Wed, 14 Jun 2023 22:16:47 +0300

[Message part 3 (text/plain, inline)]

On Mon, Jun 12, 2023 at 08:58:18AM +0400, Andrew Tropin wrote:
> 
> A few years ago, when we were implementing the first version of ssh home
> service in rde we went a slightly different way and didn't hardcode any
> record fields and let user set an alist of key/value pairs:
> https://git.sr.ht/~abcdw/rde/tree/19c2d2f0996624eea8b7a87b14bbc31e4a9b943b/src/gnu/home-services/ssh.scm#L204
> 
> It's not a perfect solution either, but quite flexible.  Also, it's
> relatively easy to implement default values: we can provide
> %default-host-options and ask people to do something like this on user
> side configuration:
> 
> (merge %default-host-options '((compression . #f)))
> 
> Of course "asking people" won't work, so it's possible to set a default
> value of options field to %default-host-options
> https://git.sr.ht/~abcdw/rde/tree/19c2d2f0996624eea8b7a87b14bbc31e4a9b943b/src/gnu/home-services/ssh.scm#L100
> and let people override it with '((compression . #f)) or enrich with
> (merge %default-host-options '((compression . #f))).
> 
> It's not a proposal or something, just sharing how it's implemented in
> rde.

I'm still undecided about the alist as a comparison. It would make it
easier to add arbitrary fields, but then I feel like maybe we should be
adding something to validate the configurations.

> P.S. Note that (gnu home-services *) modules are subject to deprecation
> and when (rde home services ssh) appear, it will have a slightly
> different interface.


I went ahead and pushed the patch. I believe that, after having added to
a .ssh/config file over a period of time, line by line or entry by
entry, people will be surprised to see a bunch of fields filled in
automatically, and with different results from what they had before.


-- 
Efraim Flashner   <efraim <at> flashner.co.il>   רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[signature.asc (application/pgp-signature, inline)]

[Message part 5 (message/rfc822, inline)]

From: Efraim Flashner <efraim <at> flashner.co.il>
To: guix-patches <at> gnu.org
Cc: Efraim Flashner <efraim <at> flashner.co.il>
Subject: [PATCH] home: services: ssh: Allow unset boolean options in
 ssh-config.
Date: Mon, 29 May 2023 17:52:59 +0300

From man 5 ssh_config:
Unless noted otherwise, for each parameter, the first obtained value
will be used.

We want to allow falling through to the first actual user defined value.

* gnu/home/services.ssh.scm (define-maybe boolean): New configuration.
(openssh-host)[forward-x11?, forward-x11-trusted?, forward-agent?,
compression?]: Replace default value with maybe-boolean.
* doc/guix.texi (Secure Shell): Update documentation to match the
changes in the code.
---
 doc/guix.texi             | 10 +++++-----
 gnu/home/services/ssh.scm | 11 +++++++----
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 31dc33fb97..d22924e522 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -33,7 +33,7 @@
 Copyright @copyright{} 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 Ricardo Wurmus@*
 Copyright @copyright{} 2016 Ben Woodcroft@*
 Copyright @copyright{} 2016, 2017, 2018, 2021 Chris Marusich@*
-Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021, 2022 Efraim Flashner@*
+Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 Efraim Flashner@*
 Copyright @copyright{} 2016 John Darrington@*
 Copyright @copyright{} 2016, 2017 Nikita Gillmann@*
 Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 Jan Nieuwenhuizen@*
@@ -43017,19 +43017,19 @@ Secure Shell
 @item @code{user} (type: maybe-string)
 User name on the remote host.
 
-@item @code{forward-x11?} (default: @code{#f}) (type: boolean)
+@item @code{forward-x11?} (type: maybe-boolean)
 Whether to forward remote client connections to the local X11 graphical
 display.
 
-@item @code{forward-x11-trusted?} (default: @code{#f}) (type: boolean)
+@item @code{forward-x11-trusted?} (type: maybe-boolean)
 Whether remote X11 clients have full access to the original X11
 graphical display.
 
-@item @code{forward-agent?} (default: @code{#f}) (type: boolean)
+@item @code{forward-agent?} (type: maybe-boolean)
 Whether the authentication agent (if any) is forwarded to the remote
 machine.
 
-@item @code{compression?} (default: @code{#f}) (type: boolean)
+@item @code{compression?} (type: maybe-boolean)
 Whether to compress data in transit.
 
 @item @code{proxy} (type: maybe-proxy-command-or-jump-list)
diff --git a/gnu/home/services/ssh.scm b/gnu/home/services/ssh.scm
index 628dc743ae..0a4b37d84e 100644
--- a/gnu/home/services/ssh.scm
+++ b/gnu/home/services/ssh.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2022 Ludovic Courtès <ludo <at> gnu.org>
 ;;; Copyright © 2023 Janneke Nieuwenhuizen <janneke <at> gnu.org>
+;;; Copyright © 2023 Efraim Flashner <efraim <at> flashner.co.il>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -104,6 +105,8 @@ (define (serialize-natural-number field value)
   (string-append "  " (serialize-field-name field) " "
                  (number->string value) "\n"))
 
+(define-maybe boolean)
+
 (define (serialize-boolean field value)
   (string-append "  " (serialize-field-name field) " "
                  (if value "yes" "no") "\n"))
@@ -194,19 +197,19 @@ (define-configuration openssh-host
    maybe-string
    "User name on the remote host.")
   (forward-x11?
-   (boolean #f)
+   maybe-boolean
    "Whether to forward remote client connections to the local X11 graphical
 display.")
   (forward-x11-trusted?
-   (boolean #f)
+   maybe-boolean
    "Whether remote X11 clients have full access to the original X11 graphical
 display.")
   (forward-agent?
-   (boolean #f)
+   maybe-boolean
    "Whether the authentication agent (if any) is forwarded to the remote
 machine.")
   (compression?
-   (boolean #f)
+   maybe-boolean
    "Whether to compress data in transit.")
   (proxy-command
    maybe-string

base-commit: 7b400e7f8751e6b0cc6e66d3f7ecfb7f5bd51309
-- 
Efraim Flashner   <efraim <at> flashner.co.il>   רנשלפ םירפא
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.