[PATCH] added mdevd, umtps, nsss

  • Open
  • quality assurance status badge
Details
One participant
  • s.karrmann
Owner
unassigned
Submitted by
s.karrmann
Severity
normal
S
S
s.karrmann wrote on 20 Jan 2021 21:01
(address . guix-patches@gnu.org)
trinity-cca42c54-1232-4f04-8de6-81df770110c9-1611172896637@3c-app-webde-bap33
From 1f47de4ed6a82c7e75560b67cacaff0c4d923f00 Mon Sep 17 00:00:00 2001
From: "S.Karrmann" <S.Karrmann@web.de>
Date: Wed, 20 Jan 2021 20:48:46 +0100
Subject: [PATCH] added mdevd, umtps, nsss

---
gnu/packages/skarnet.scm | 134 +++++++++++++++++++++++++++++++++++++++
1 file changed, 134 insertions(+)

Toggle diff (153 lines)
diff --git a/gnu/packages/skarnet.scm b/gnu/packages/skarnet.scm
index 51be1a30e8..8f66b5ad99 100644
--- a/gnu/packages/skarnet.scm
+++ b/gnu/packages/skarnet.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2017 Z. Ren <zren@dlut.edu.cn>
;;; Copyright © 2018–2021 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2021 Dr. Stefan Karrmann <S.Karrmann@web.de>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -368,3 +369,136 @@ all the details.")))
"s6-linux-utils is a set of minimalistic Linux-specific system utilities,
such as @command{mount}, @command{umount}, and @command{chroot} commands,
Linux uevent listeners, a @command{devd} device hotplug daemon, and more.")))
+
+(define-public mdevd
+ (package
+ (name "mdevd")
+ (version "0.1.3.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://skarnet.org/software/mdevd/mdevd-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "0spvw27xxd0m6j8bl8xysmgsx18fl769smr6dsh25s2d5h3sp2dy"))))
+ (build-system gnu-build-system)
+ (inputs `(("skalibs" ,skalibs)
+ ("execline" ,execline)))
+ (arguments
+ '(#:configure-flags (list
+ (string-append "--with-lib="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs")
+ (string-append "--with-sysdeps="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs/sysdeps"))
+ #:tests? #f)) ; no tests exist
+ (home-page "https://skarnet.org/software/mdevd")
+ (license isc)
+ (synopsis "A small daemon managing kernel hotplug events, similarly to udevd")
+ (description
+ "It uses the same configuration file as mdev, which is a hotplug
+manager integrated in the Busybox suite of tools. However, mdev needs
+to be registered in /proc/sys/kernel/hotplug, and the kernel forks an
+instance of mdev for every event; by contrast, mdevd is a daemon and
+does not fork.
+
+The point of mdevd is to provide a drop-in replacement to mdev that
+does not fork, so it can handle large influxes of events at boot time
+without a performance drop. mdevd is designed to be entirely
+compatible with advanced mdev usage such as mdev-like-a-boss.")))
+
+(define-public utmps
+ (package
+ (name "utmps")
+ (version "0.1.0.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://skarnet.org/software/utmps/utmps-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "09p0k2sgxr7jlsbrn66fzvzf9zxvpjp85y79xk10hxjglypszyml"))))
+ (build-system gnu-build-system)
+ (inputs `(("skalibs" ,skalibs)
+ ("s6" ,s6)))
+ (arguments
+ '(#:configure-flags (list
+ (string-append "--with-lib="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs")
+ (string-append "--with-sysdeps="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs/sysdeps"))
+ #:tests? #f)) ; no tests exist
+ (home-page "https://skarnet.org/software/utmps")
+ (license isc)
+ (synopsis "Implementation of the utmpx.h family of functions performing user accounting on Unix systems")
+ (description
+ "Traditionally, utmp functionality is provided by the system's libc.
+However, not all libcs implement utmp: for instance the musl libc, on
+Linux, does not. The main reason for it is that utmp functionality is
+difficult to implement in a secure way; in particular, it is
+impossible to implement without either running a daemon or allowing
+arbitrary programs to tamper with user accounting.
+
+utmps is a secure implementation of user accounting, using a daemon as
+the only authority to manage the utmp and wtmp data; programs running
+utmp functions are just clients to this daemon.")))
+
+(define-public nsss
+ (package
+ (name "nsss")
+ (version "0.1.0.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://skarnet.org/software/nsss/nsss-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "15rxbwf16wm1la079yr2xn4bccjgd7m8dh6r7bpr6s57cj93i2mq"))))
+ (build-system gnu-build-system)
+ (inputs `(("skalibs" ,skalibs)
+ ("s6" ,s6)))
+ (arguments
+ '(#:configure-flags (list
+ (string-append "--with-lib="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs")
+ (string-append "--with-sysdeps="
+ (assoc-ref %build-inputs "skalibs")
+ "/lib/skalibs/sysdeps"))
+ #:tests? #f)) ; no tests exist
+ (home-page "https://skarnet.org/software/nsss")
+ (license isc)
+ (synopsis "subset of the pwd.h, group.h and shadow.h family of functions, performing user database access on Unix systems")
+ (description
+ "Usually, user database access via getpwnam() and similar function is
+provided by the system's libc. However, not all libcs implement a
+configurable backend for the user/group database. For instance the
+musl libc, on Linux, only supports the standard /etc/passwd mechanism;
+it also supports the nscd protocol but this is not quite enough:
+
+musl only connects to nscd when it cannot find an answer in its files backend
+The nscd protocol does not support enumeration, so primitives
+such as getpwent() cannot be implemented over nscd.
+
+The mechanism used by glibc, called Name Service Switch
+(abbreviated to nsswitch or NSS), has its own set of issues
+that makes it unsuitable in certain situations.
+
+nsss is a secure implementation of a \"name service switch\":
+configurable user/group/shadow database access, providing
+getpwnam() et al. functionality by communicating over a Unix
+domain socket with a daemon; the daemon can perform lookups in
+any database it chooses.
+
+nsss does not perform dynamic module loading, only adds a
+small footprint to the application's binary, and does not add
+any complex decision engine into the client's address space.
+Applications can be statically linked against the nsss
+library, and still benefit from configurable user database
+access functions.")))
--
2.29.2

 
?