GNU bug report logs -
#68007
[PATCH] services: Add doas service.
Previous Next
Reported by: lgcoelho <at> disroot.org
Date: Sun, 24 Dec 2023 17:03:02 UTC
Severity: normal
Tags: patch
Done: lgcoelho <at> disroot.org
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Sat, 09 Nov 2024 11:48:39 +0100
with message-id <23cc3014efb081b414586f99ce4c53fe <at> disroot.org>
and subject line closed in favor of a more feature complete service (opendoas-service-type) to be submitted
has caused the debbugs.gnu.org bug report #68007,
regarding [PATCH] services: Add doas service.
to be marked as done.
(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)
--
68007: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=68007
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
[Message part 3 (text/plain, inline)]
This service enables declarative description of doas.conf. A simple
example would be
--8<---------------cut
here-------------------------------------------------end--------------->8---
(simple-service 'miscellaneous-permissions doas-service-type
(list (permit (identity ":wheel")
(setenv `(("GUILE_LOAD_PATH"
. #t))))
(permit (identity ":wheel")
(nopass? #t)
(command "guix")
(args `("pull")))))
(simple-service 'text-editors-permissions doas-service-type
(map (lambda (cmd)
(permit (identity ":wheel")
(keepenv? #t)
(command cmd)))
`("kak" "emacsclient")))
(simple-service 'power-management-permissions doas-service-type
(map (lambda (cmd)
(permit (identity ":wheel")
(nopass? #t)
(command cmd)
(args '())))
`("zzz" "halt" "reboot")))
(simple-service 'shepherd-status-permissions doas-service-type
(map (lambda (action)
(permit (identity ":wheel")
(nopass? #t)
(command "herd")
(args (list action))))
`("status" "detailed-status")))
(simple-service 'service-management-permissions
doas-service-type
(flat-map (lambda (service action)
(permit (identity ":wheel")
(nopass? #t)
(command "herd")
(args (map
symbol->string
(list action service)))))
'(tor networking wpa-supplicant)
'(doc stop start enable status restart
disable)))
--8<---------------cut
here-------------------------------------------------end--------------->8---
This generates the following configuration file:
--8<---------------cut
here-------------------------------------------------end--------------->8---
permit setenv { GUILE_LOAD_PATH }
permit nopass :wheel cmd guix args pull
permit keepenv :wheel cmd kak
permit keepenv :wheel cmd emacsclient
permit nopass :wheel cmd zzz args
permit nopass :wheel cmd halt args
permit nopass :wheel cmd reboot args
permit nopass :wheel cmd herd args status
permit nopass :wheel cmd herd args detailed-status
permit nopass :wheel cmd herd args doc tor
permit nopass :wheel cmd herd args stop tor
permit nopass :wheel cmd herd args start tor
permit nopass :wheel cmd herd args enable tor
permit nopass :wheel cmd herd args status tor
permit nopass :wheel cmd herd args restart tor
permit nopass :wheel cmd herd args disable tor
permit nopass :wheel cmd herd args doc networking
permit nopass :wheel cmd herd args stop networking
permit nopass :wheel cmd herd args start networking
permit nopass :wheel cmd herd args enable networking
permit nopass :wheel cmd herd args status networking
permit nopass :wheel cmd herd args restart networking
permit nopass :wheel cmd herd args disable networking
permit nopass :wheel cmd herd args doc wpa-supplicant
permit nopass :wheel cmd herd args stop wpa-supplicant
permit nopass :wheel cmd herd args start wpa-supplicant
permit nopass :wheel cmd herd args enable wpa-supplicant
permit nopass :wheel cmd herd args status wpa-supplicant
permit nopass :wheel cmd herd args restart wpa-supplicant
permit nopass :wheel cmd herd args disable wpa-supplicant
--8<---------------cut
here-------------------------------------------------end--------------->8---
[Message part 4 (text/html, inline)]
[0001-services-Add-doas-service.patch (text/x-diff, attachment)]
[Message part 6 (message/rfc822, inline)]
[Message part 7 (text/html, inline)]
This bug report was last modified 195 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.