GNU bug report logs -
#68007
[PATCH] services: Add doas service.
Previous Next
Reported by: lgcoelho <at> disroot.org
Date: Sun, 24 Dec 2023 17:03:02 UTC
Severity: normal
Tags: patch
Done: lgcoelho <at> disroot.org
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 68007 in the body.
You can then email your comments to 68007 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org:
bug#68007; Package
guix-patches.
(Sun, 24 Dec 2023 17:03:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
lgcoelho <at> disroot.org:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org.
(Sun, 24 Dec 2023 17:03:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
This service enables declarative description of doas.conf. A simple
example would be
--8<---------------cut
here-------------------------------------------------end--------------->8---
(simple-service 'miscellaneous-permissions doas-service-type
(list (permit (identity ":wheel")
(setenv `(("GUILE_LOAD_PATH"
. #t))))
(permit (identity ":wheel")
(nopass? #t)
(command "guix")
(args `("pull")))))
(simple-service 'text-editors-permissions doas-service-type
(map (lambda (cmd)
(permit (identity ":wheel")
(keepenv? #t)
(command cmd)))
`("kak" "emacsclient")))
(simple-service 'power-management-permissions doas-service-type
(map (lambda (cmd)
(permit (identity ":wheel")
(nopass? #t)
(command cmd)
(args '())))
`("zzz" "halt" "reboot")))
(simple-service 'shepherd-status-permissions doas-service-type
(map (lambda (action)
(permit (identity ":wheel")
(nopass? #t)
(command "herd")
(args (list action))))
`("status" "detailed-status")))
(simple-service 'service-management-permissions
doas-service-type
(flat-map (lambda (service action)
(permit (identity ":wheel")
(nopass? #t)
(command "herd")
(args (map
symbol->string
(list action service)))))
'(tor networking wpa-supplicant)
'(doc stop start enable status restart
disable)))
--8<---------------cut
here-------------------------------------------------end--------------->8---
This generates the following configuration file:
--8<---------------cut
here-------------------------------------------------end--------------->8---
permit setenv { GUILE_LOAD_PATH }
permit nopass :wheel cmd guix args pull
permit keepenv :wheel cmd kak
permit keepenv :wheel cmd emacsclient
permit nopass :wheel cmd zzz args
permit nopass :wheel cmd halt args
permit nopass :wheel cmd reboot args
permit nopass :wheel cmd herd args status
permit nopass :wheel cmd herd args detailed-status
permit nopass :wheel cmd herd args doc tor
permit nopass :wheel cmd herd args stop tor
permit nopass :wheel cmd herd args start tor
permit nopass :wheel cmd herd args enable tor
permit nopass :wheel cmd herd args status tor
permit nopass :wheel cmd herd args restart tor
permit nopass :wheel cmd herd args disable tor
permit nopass :wheel cmd herd args doc networking
permit nopass :wheel cmd herd args stop networking
permit nopass :wheel cmd herd args start networking
permit nopass :wheel cmd herd args enable networking
permit nopass :wheel cmd herd args status networking
permit nopass :wheel cmd herd args restart networking
permit nopass :wheel cmd herd args disable networking
permit nopass :wheel cmd herd args doc wpa-supplicant
permit nopass :wheel cmd herd args stop wpa-supplicant
permit nopass :wheel cmd herd args start wpa-supplicant
permit nopass :wheel cmd herd args enable wpa-supplicant
permit nopass :wheel cmd herd args status wpa-supplicant
permit nopass :wheel cmd herd args restart wpa-supplicant
permit nopass :wheel cmd herd args disable wpa-supplicant
--8<---------------cut
here-------------------------------------------------end--------------->8---
[Message part 2 (text/html, inline)]
[0001-services-Add-doas-service.patch (text/x-diff, attachment)]
Information forwarded
to
guix-patches <at> gnu.org:
bug#68007; Package
guix-patches.
(Sun, 24 Dec 2023 17:23:02 GMT)
Full text and
rfc822 format available.
Message #8 received at 68007 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
I tried to fix the indentation for the email, but seems I've actually
messed it up
[Message part 2 (text/html, inline)]
Reply sent
to
lgcoelho <at> disroot.org:
You have taken responsibility.
(Sat, 09 Nov 2024 10:49:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
lgcoelho <at> disroot.org:
bug acknowledged by developer.
(Sat, 09 Nov 2024 10:49:02 GMT)
Full text and
rfc822 format available.
Message #13 received at 68007-close <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/html, inline)]
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Sat, 07 Dec 2024 12:24:06 GMT)
Full text and
rfc822 format available.
This bug report was last modified 96 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.