GNU bug report logs - #77922
[PATCH] services: pounce: New service.

Previous Next

Full log

Message #16 received at 77922-done <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 77922-done <at> debbugs.gnu.org, Jorge Gomez <jgart <at> dismail.de>
Subject: Re: [bug#77922] [PATCH] services: pounce: New service.
Date: Tue, 22 Apr 2025 11:38:07 +0900

Hi Ludovic,

Ludovic Courtès <ludo <at> gnu.org> writes:

> Hello,
>
> Maxim Cournoyer <maxim.cournoyer <at> gmail.com> writes:
>
>> * gnu/services/messaging.scm (pounce-serialize-boolean):
>> (pounce-serialize-string, pounce-serialize-list-of-strings)
>> (pounce-serialize-pair, power-of-two?)
>> (pounce-serialize-number, pounce-serialize-power-of-two)
>> (pounce-serialize-port, pounce-serialize-maybe-boolean)
>> (pounce-serialize-maybe-number, pounce-serialize-maybe-pair)
>> (pounce-serialize-maybe-port, pounce-serialize-maybe-port
>> (pounce-maybe-power-of-two, pounce-serialize-maybe-string)
>> (pounce-serialize-maybe-list-of-strings): New procedures.
>> (pounce-configuration): New configuration.
>> (pounce-activation): New procedure.
>> (serialize-pounce-configuration, pounce-wrapper): Likewise.
>> (pounce-service-type): New service type.
>> * gnu/tests/messaging.scm (ngircd-tls-cert-service-type): New variable.
>> (%pounce-os): Likewise.
>> (run-pounce-test): New procedure.
>> (%test-pounce): New test.
>> * doc/guix.texi (Messaging Services): Document it.
>>
>> Change-Id: I4bbd2bc4821072a93c2c4017b86df329c4b240cb
>
> I had a quick look and this looks great to me.

Thanks for the review!

> Minor issues:
>
>> +@item @code{local-ca} (type: maybe-string)
>> +Require clients to authenticate using a TLS client certificate either
>> +contained in or signed by a certificate in the file loaded from
>> +@{local-ca
>
> There’s a bug here: the line is truncated and markup is bogus.

Good catch!  Fixed like so:

--8<---------------cut here---------------start------------->8---
modified   doc/guix.texi
@@ -30905,7 +30905,8 @@ Messaging Services
 @item @code{local-ca} (type: maybe-string)
 Require clients to authenticate using a TLS client certificate either
 contained in or signed by a certificate in the file loaded from
-@{local-ca
+@code{local-ca}, a file name.  The file is reloaded when the SIGUSR1
+signal is received.
 
 @item @code{local-cert} (type: maybe-string)
 File name of the TLS certificate to load.  The file is reloaded when the
modified   gnu/services/messaging.scm
@@ -1750,8 +1750,9 @@ (define-configuration pounce-configuration
   (local-ca
    maybe-string
    "Require clients to authenticate using a TLS client certificate either
-contained in or signed by a certificate in the file loaded from @{local-ca}, a
-file name.  The file is reloaded when the SIGUSR1 signal is received.")
+contained in or signed by a certificate in the file loaded from
+@code{local-ca}, a file name.  The file is reloaded when the SIGUSR1 signal is
+received.")
 
   (local-cert
    maybe-string
--8<---------------cut here---------------end--------------->8---

> Also maybe “local-certificate-authorities”?
>
>> +@item @code{local-cert} (type: maybe-string)
>
> “local-certificate”?
>
>> +@item @code{local-priv} (type: maybe-string)
>
> “local-private-key”
>
>> +@item @code{client-cert} (type: maybe-string)
>
> [...]
>
>> +@item @code{client-priv} (type: maybe-string)
>
> Likewise.

All of the option names used match 1:1 what goes in the serialized
configuration file, and thus what is documented in 'man pounce'; so I've
chosen to keep the current names, for consistency.

Pushed as commit aab89b3d934.

-- 
Thanks,
Maxim

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.