GNU bug report logs - #67555
[PATCH 0/2] Add Heimdal Kerberos system services.

Previous Next

Package: guix-patches;

Reported by: Felix Lechner <felix.lechner <at> lease-up.com>

Date: Fri, 1 Dec 2023 00:44:01 UTC

Severity: normal

Tags: patch

Full log

Message #8 received at 67555 <at> debbugs.gnu.org (full text, mbox):

From: Felix Lechner <felix.lechner <at> lease-up.com>
To: 67555 <at> debbugs.gnu.org
Cc: Felix Lechner <felix.lechner <at> lease-up.com>
Subject: [PATCH 1/2] services: kerberos.scm: Rename krb5-service-type and
 krb5-configuration.
Date: Thu, 30 Nov 2023 16:45:11 -0800

In preparation for a nearby commit that will add actual Kerberos services to
Guix, the older names were made more specific. The original names were
misleading and too generic. The krb5-service-type provided no service at all
but merely created a file at /etc/krb5.conf that is needed to associate
equipment with a Kerberos realm.

The original names further suggested that at least some of the needed servers
might be started, making it necessary to clarify otherwise in the
documentation.

Change-Id: I951c16aedcf1141d7d947f984cf89c22d3cc96ce
---
 doc/guix.texi             | 16 ++++++++--------
 gnu/services/kerberos.scm | 19 ++++++++++++++-----
 2 files changed, 22 insertions(+), 13 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 1fd2e21608..a5119d2058 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -29963,10 +29963,10 @@ Kerberos Services
 @subsection Kerberos Services
 @cindex Kerberos
 
-The @code{(gnu services kerberos)} module provides services relating to
-the authentication protocol @dfn{Kerberos}.
+@subsubheading Krb5 Association Service
 
-@subsubheading Krb5 Service
+The @code{(gnu services kerberos)} module provides miscellaneous
+services relating to the authentication protocol @dfn{Kerberos}.
 
 Programs using a Kerberos client library normally
 expect a configuration file in @file{/etc/krb5.conf}.
@@ -29978,15 +29978,15 @@ Kerberos Services
 This service is known to work with the MIT client library, @code{mit-krb5}.
 Other implementations have not been tested.
 
-@defvar krb5-service-type
+@defvar krb5-association-service-type
 A service type for Kerberos 5 clients.
 @end defvar
 
 @noindent
 Here is an example of its use:
 @lisp
-(service krb5-service-type
-         (krb5-configuration
+(service krb5-association-service-type
+         (krb5-association-configuration
           (default-realm "EXAMPLE.COM")
           (allow-weak-crypto? #t)
           (realms (list
@@ -30010,7 +30010,7 @@ Kerberos Services
 @item Accepts services which only support encryption types known to be weak.
 @end itemize
 
-The @code{krb5-realm} and @code{krb5-configuration} types have many fields.
+The @code{krb5-realm} and @code{krb5-association-configuration} types have many fields.
 Only the most commonly used ones are described here.
 For a full list, and more detailed explanation of each, see the MIT
 @uref{https://web.mit.edu/kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html,,krb5.conf}
@@ -30035,7 +30035,7 @@ Kerberos Services
 @end table
 @end deftp
 
-@deftp {Data Type} krb5-configuration
+@deftp {Data Type} krb5-association-configuration
 
 @table @asis
 @item @code{allow-weak-crypto?} (default: @code{#f})
diff --git a/gnu/services/kerberos.scm b/gnu/services/kerberos.scm
index a6f540a9b6..ec9b6c10b5 100644
--- a/gnu/services/kerberos.scm
+++ b/gnu/services/kerberos.scm
@@ -20,6 +20,7 @@ (define-module (gnu services kerberos)
   #:use-module (gnu services)
   #:use-module (gnu services configuration)
   #:use-module (gnu system pam)
+  #:use-module (guix deprecation)
   #:use-module (guix gexp)
   #:use-module (guix records)
   #:use-module (srfi srfi-1)
@@ -33,6 +34,10 @@ (define-module (gnu services kerberos)
             krb5-realm
             krb5-realm?
 
+            krb5-association-configuration
+            krb5-association-configuration?
+            krb5-association-service-type
+
             krb5-configuration
             krb5-configuration?
             krb5-service-type))
@@ -228,7 +233,7 @@ (define-configuration krb5-realm
 
 
 ;; For a more detailed explanation of these fields see man 5 krb5.conf
-(define-configuration krb5-configuration
+(define-configuration krb5-association-configuration
   (allow-weak-crypto?
    (boolean/unset unset-field)
    "If true, permits access to services which only offer weak encryption.")
@@ -394,20 +399,20 @@ (define-configuration krb5-configuration
    "The list of realms which clients may access."))
 
 
-(define (krb5-configuration-file config)
+(define (krb5-association-configuration-file config)
   "Create a Kerberos 5 configuration file based on CONFIG"
   (mixed-text-file "krb5.conf"
                    "[libdefaults]\n\n"
                    (with-output-to-string
                      (lambda ()
                        (serialize-configuration config
-                                                krb5-configuration-fields)))))
+                                                krb5-association-configuration-fields)))))
 
 (define (krb5-etc-service config)
-  (list `("krb5.conf" ,(krb5-configuration-file config))))
+  (list `("krb5.conf" ,(krb5-association-configuration-file config))))
 
 
-(define krb5-service-type
+(define krb5-association-service-type
   (service-type (name 'krb5)
                 (extensions
                  (list (service-extension etc-service-type
@@ -416,6 +421,10 @@ (define krb5-service-type
 normally expect a configuration file in @file{/etc/krb5.conf}.  This service
 generates such a file.  It does not cause any daemon to be started.")))
 
+(define-deprecated krb-configuration krb5-association-configuration)
+(define-deprecated krb-configuration? krb5-association-configuration?)
+(define-deprecated krb-service-type krb5-association-service-type)
+
 
 
 (define-record-type* <pam-krb5-configuration>
-- 
2.41.0
This bug report was last modified 229 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.