summary refs log tree commit diff
path: root/gnu/services/ssh.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2017-12-04 23:31:15 +0100
committerLudovic Courtès <ludo@gnu.org>2017-12-04 23:31:15 +0100
commitaab322d909c0b4abec132ef7aff31c31a1208841 (patch)
tree3cbe52ea12a1bedba2451ec746964aed36028035 /gnu/services/ssh.scm
parent39b27f4eae36d155faf466c59629afb5843030e6 (diff)
downloadguix-aab322d909c0b4abec132ef7aff31c31a1208841.tar.gz
install: Don't start sshd by default.
Reported by Christopher Baines <mail@cbaines.net>
at <https://lists.gnu.org/archive/html/guix-devel/2017-12/msg00058.html>.

* gnu/services/ssh.scm (<openssh-configuration>)[%auto-start?]: New
field.
(openssh-shepherd-service): Honor it.
* gnu/system/install.scm (%installation-services): Set '%auto-start?' to
 #f for openssh-service-type.
Diffstat (limited to 'gnu/services/ssh.scm')
-rw-r--r--gnu/services/ssh.scm12
1 files changed, 10 insertions, 2 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index b33ec946c6..301ba74041 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -304,7 +304,14 @@ The other options should be self-descriptive."
 
   ;; list of user-name/file-like tuples
   (authorized-keys       openssh-authorized-keys
-                         (default '())))
+                         (default '()))
+
+  ;; Boolean
+  ;; XXX: This should really be handled in an orthogonal way, for instance as
+  ;; proposed in <https://bugs.gnu.org/27155>.  Keep it internal/undocumented
+  ;; for now.
+  (%auto-start?          openssh-auto-start?
+                         (default #t)))
 
 (define %openssh-accounts
   (list (user-group (name "sshd") (system? #t))
@@ -445,7 +452,8 @@ of user-name/file-like tuples."
          (provision '(ssh-daemon))
          (start #~(make-forkexec-constructor #$openssh-command
                                              #:pid-file #$pid-file))
-         (stop #~(make-kill-destructor)))))
+         (stop #~(make-kill-destructor))
+         (auto-start? (openssh-auto-start? config)))))
 
 (define (openssh-pam-services config)
   "Return a list of <pam-services> for sshd with CONFIG."