bug#52533: guix deploy breaks SSH access with a PAM error

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#52533: guix deploy breaks SSH access with a PAM error

From:	Ludovic Courtès
Subject:	bug#52533: guix deploy breaks SSH access with a PAM error
Date:	Mon, 17 Jan 2022 17:13:17 +0100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:

> Ludovic Courtès <ludo@gnu.org> writes:
>
> [...]
>
>> sshd could also be started via socket activation; ‘sshd’ subprocesses
>> corresponding to existing logins would be unaffected.
>>
>>> Also, it seems to me inetd can already do "socket activation", if this
>>> was somehow useful.
>>
>> Yes, inetd can do that.  It would be nicer though to have it all
>> integrated in the Shepherd.
>
> I'm not sure.  The beauty of Shepherd, in my eyes, when compared to
> other init systems, is that it is lean and clean.  Leveraging what's
> already out there (and part of GNU) seems an obvious path to me, as it:
>
> 1. Means less code to write, document and maintain.
> 2. Creates more cohesion between various components of the GNU project.

Heheh, Guix was started to address #2 actually.  Today, I think #2 is
okay but should not be an obstacle.

As for #1, sure, but Shepherd will need to grow a proper event loop
anyway, so socket activation won’t make much of a difference.

Also, taking a step back, systemd undoubtedly changed user expectations
for the better in terms of integration, monitoring, and logging.  Having
the same level of integration in the Shepherd would be a step in that
direction.

>> (Basically, it’s a choice we could make right away: do we move all
>> network daemons, plus things like guix-daemon, dbus-daemon, etc. etc. to
>> inetd services, or do we instead extend the Shepherd to support socket
>> activation?  I’m rather in favor of the latter, but if in Guix System we
>> build an abstraction that can equally well target inetd or a future
>> Shepherd version, that’s even better.)
>
> We could start with just targeting inetd, and build the abstraction
> later, if the need arises, perhaps?  We may never need it.

Yes, so what I had in mind is, in Guix System, something like
<socket-activated-service>, which would kinda look like
<shepherd-service> but be lowered (for now) to an inetd service.

Thanks,
Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#52533: guix deploy breaks SSH access with a PAM error, Mathieu Othacehe, 2022/01/13
- bug#52533: guix deploy breaks SSH access with a PAM error, Mathieu Othacehe, 2022/01/13
- bug#52533: guix deploy breaks SSH access with a PAM error, Ludovic Courtès, 2022/01/13
  - bug#52533: guix deploy breaks SSH access with a PAM error, Maxim Cournoyer, 2022/01/13
    - bug#52533: guix deploy breaks SSH access with a PAM error, Ludovic Courtès, 2022/01/17
    - bug#52533: guix deploy breaks SSH access with a PAM error, Maxim Cournoyer, 2022/01/17
    - bug#52533: guix deploy breaks SSH access with a PAM error, Ludovic Courtès <=
    - bug#52533: guix deploy breaks SSH access with a PAM error, Maxim Cournoyer, 2022/01/17
    - bug#52533: guix deploy breaks SSH access with a PAM error, Ludovic Courtès, 2022/01/18

Prev by Date: bug#52976: Some tools in Samba fail to find modules, and a missing dependency
Next by Date: bug#53309: Newly-added python-piexif fails to patch source due to CRLF(?)
Previous by thread: bug#52533: guix deploy breaks SSH access with a PAM error
Next by thread: bug#52533: guix deploy breaks SSH access with a PAM error
Index(es):
- Date
- Thread