authorLeo Famulari <leo@famulari.name>2016-10-03 17:08:05 -0400
committerLeo Famulari <leo@famulari.name>2016-10-03 17:08:05 -0400
commit9c2130757cc0ac20be3cb255c2c09ede45cc9826 (patch)
tree2f06ff7fbde58022a6600f76f15d3734587f2ab0 /gnu/services
parente543c8a2c6bdc8f129d02a4b48ff336d0e7b529b (diff)
parentb38e97e03b92d54524953949934884828a1683c1 (diff)
downloadguix-9c2130757cc0ac20be3cb255c2c09ede45cc9826.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/admin.scm119
-rw-r--r--gnu/services/nfs.scm4
-rw-r--r--gnu/services/ssh.scm51
3 files changed, 140 insertions, 34 deletions
diff --git a/gnu/services/admin.scm b/gnu/services/admin.scm
new file mode 100644
index 0000000000..d8086b78d4
--- /dev/null
+++ b/gnu/services/admin.scm
@@ -0,0 +1,119 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org>
+;;; Copyright © 2016 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of thye GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services admin)
+  #:use-module (gnu packages admin)
+  #:use-module (gnu packages base)
+  #:use-module (gnu services)
+  #:use-module (gnu services mcron)
+  #:use-module (gnu services shepherd)
+  #:use-module (guix gexp)
+  #:use-module (guix packages)
+  #:use-module (guix records)
+  #:use-module (srfi srfi-1)
+  #:export (%default-rotations
+            %rotated-files
+            rottlog-configuration
+            rottlog-configuration?
+            rottlog-service
+            rottlog-service-type))
+
+;;; Commentary:
+;;;
+;;; This module implements configuration of rottlog by writing
+;;; /etc/rottlog/{rc,hourly|daily|weekly}.  Example usage
+;;;
+;;;     (mcron-service)
+;;;     (service rottlog-service-type (rottlog-configuration))
+;;;
+;;; Code:
+
+(define %rotated-files
+  ;; Syslog files subject to rotation.
+  '("/var/log/messages" "/var/log/secure" "/var/log/maillog"))
+
+(define (syslog-rotation-config files)
+  #~(string-append #$(string-join files ",")
+                 " {
+        sharedscripts
+        postrotate
+        " #$coreutils "/bin/kill -HUP $(cat /var/run/syslog.pid) 2> /dev/null
+        endscript
+}
+"))
+
+(define (simple-rotation-config file)
+  (string-append file " {
+        sharedscripts
+}
+"))
+
+(define %default-rotations
+  `(("weekly"
+     ,(computed-file "rottlog.weekly"
+                     #~(call-with-output-file #$output
+                         (lambda (port)
+                           (display #$(syslog-rotation-config %rotated-files)
+                                    port)
+                           (display #$(simple-rotation-config
+                                       "/var/log/shepherd.log")
+                                    port)))))))
+
+(define (default-jobs rottlog)
+  (list #~(job '(next-hour '(0))                  ;midnight
+               (lambda ()
+                 (system* #$(file-append rottlog "/sbin/rottlog"))))
+        #~(job '(next-hour '(12))                 ;noon
+               (lambda ()
+                 (system* #$(file-append rottlog "/sbin/rottlog"))))))
+
+(define-record-type* <rottlog-configuration>
+  rottlog-configuration make-rottlog-configuration
+  rottlog-configuration?
+  (rottlog            rottlog-rottlog             ;package
+                      (default rottlog))
+  (rc-file            rottlog-rc-file             ;file-like
+                      (default (file-append rottlog "/etc/rc")))
+  (periodic-rotations rottlog-periodic-rotations  ;list of (name file) tuples
+                      (default %default-rotations))
+  (jobs               rottlog-jobs                ;list of <mcron-job>
+                      (default #f)))
+
+(define (rottlog-etc config)
+  `(("rottlog" ,(file-union "rottlog"
+                            (cons `("rc" ,(rottlog-rc-file config))
+                                  (rottlog-periodic-rotations config))))))
+
+(define (rottlog-jobs-or-default config)
+  (or (rottlog-jobs config)
+      (default-jobs (rottlog-rottlog config))))
+
+(define rottlog-service-type
+  (service-type
+   (name 'rottlog)
+   (extensions (list (service-extension etc-service-type rottlog-etc)
+                     (service-extension mcron-service-type
+                                        rottlog-jobs-or-default)
+
+                     ;; Add Rottlog to the global profile so users can access
+                     ;; the documentation.
+                     (service-extension profile-service-type
+                                        (compose list rottlog-rottlog))))))
+
+;;; admin.scm ends here
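Review bot: The postrotate line in `syslog-rotation-config` ends with `2> /dev/null`, so a missing or stale `/var/run/syslog.pid` makes the `kill -HUP` fail with no trace. In that case syslogd presumably keeps writing to the already-rotated `/var/log/messages` and `/var/log/secure`, and nobody is told. I would drop the redirect so the error reaches whatever captures the script's output, e.g. `" #$coreutils "/bin/kill -HUP $(cat /var/run/syslog.pid)`. Similarly, both lambdas in `default-jobs` discard the status returned by `system*`; unless mcron reports it itself, a comment such as `;; NOTE: exit status of rottlog is not checked here` would make that explicit. The new procedures also have no docstrings; a one-line description on `rottlog-etc` and `rottlog-jobs-or-default` would help readers of the service extensions.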
diff --git a/gnu/services/nfs.scm b/gnu/services/nfs.scm
index 82713d8133..b1e1f53fb6 100644
--- a/gnu/services/nfs.scm
+++ b/gnu/services/nfs.scm
@@ -38,11 +38,11 @@
   (shepherd-service-type
    'rpcbind
    (lambda (config)
-     (define pkg
+     (define nfs-utils
        (rpcbind-configuration-rpcbind config))
 
      (define rpcbind-command
-       #~(list (string-append #$pkg "/bin/rpcbind") "-f"
+       #~(list (string-append #$nfs-utils "/bin/rpcbind") "-f"
                #$@(if (rpcbind-configuration-warm-start? config) '("-w") '())))
 
      (shepherd-service
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index 084f8fa4ea..6da612da67 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -50,7 +50,6 @@
 ;;;
 ;;; Code:
 
-;; TODO: Export.
 (define-record-type* <lsh-configuration>
   lsh-configuration make-lsh-configuration
   lsh-configuration?
@@ -261,15 +260,24 @@ The other options should be self-descriptive."
 (define-record-type* <openssh-configuration>
   openssh-configuration make-openssh-configuration
   openssh-configuration?
-  (pid-file              openssh-configuration-pid-file) ;string
-  (port-number           openssh-configuration-port-number) ;integer
-  (permit-root-login     openssh-configuration-permit-root-login) ;Boolean | 'without-password
-  (allow-empty-passwords? openssh-configuration-allow-empty-passwords?) ;Boolean
-  (password-authentication? openssh-configuration-password-authentication?) ;Boolean
-  (pubkey-authentication? openssh-configuration-pubkey-authentication?) ;Boolean
-  (rsa-authentication?   openssh-configuration-rsa-authentication?) ;Boolean
-  (x11-forwarding?       openssh-configuration-x11-forwarding?) ;Boolean
-  (protocol-number       openssh-configuration-protocol-number)) ;integer
+  (pid-file              openssh-configuration-pid-file
+                         (default "/var/run/sshd.pid"))
+  (port-number           openssh-configuration-port-number ;integer
+                         (default 22))
+  (permit-root-login     openssh-configuration-permit-root-login ;Boolean | 'without-password
+                         (default #f))
+  (allow-empty-passwords? openssh-configuration-allow-empty-passwords? ;Boolean
+                          (default #f))
+  (password-authentication? openssh-configuration-password-authentication? ;Boolean
+                            (default #t))
+  (public-key-authentication? openssh-configuration-public-key-authentication?
+                              (default #t))                         ;Boolean
+  (rsa-authentication?   openssh-configuration-rsa-authentication?  ;Boolean
+                         (default #t))
+  (x11-forwarding?       openssh-configuration-x11-forwarding? ;Boolean
+                         (default #f))
+  (protocol-number       openssh-configuration-protocol-number ;integer
+                         (default 2)))
 
 (define %openssh-accounts
   (list (user-group (name "sshd") (system? #t))
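Review bot: The defaults added to `<openssh-configuration>` are now the security posture of every bare `(openssh-configuration)`, but nothing in the record documents them. `password-authentication?` defaults to `#t`, which leaves password guessing possible on a freshly configured host. `permit-root-login` defaults to `#f`, whereas the `openssh-service` procedure removed further down in this file used `'without-password`, so existing root-by-key setups change behaviour on upgrade. I would add a comment above the record such as `;; Defaults: password logins enabled, root login disabled; override explicitly if you rely on key-only root access.` and mention the `pubkey-authentication?` to `public-key-authentication?` rename for existing configurations. The `;string` type comment on `pid-file` was also dropped and could be restored for consistency with the other fields.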
@@ -314,7 +322,7 @@ The other options should be self-descriptive."
                  #$(if (openssh-configuration-password-authentication? config)
                        "yes" "no"))
          (format port "PubkeyAuthentication ~a\n"
-                 #$(if (openssh-configuration-pubkey-authentication? config)
+                 #$(if (openssh-configuration-public-key-authentication? config)
                        "yes" "no"))
          (format port "RSAAuthentication ~a\n"
                  #$(if (openssh-configuration-rsa-authentication? config)
@@ -354,27 +362,6 @@ The other options should be self-descriptive."
                        (service-extension account-service-type
                                           (const %openssh-accounts))))))
 
-(define* (openssh-service #:key
-                          (pid-file "/var/run/sshd.pid")
-                          (port-number 22)
-                          (permit-root-login 'without-password)
-                          (allow-empty-passwords? #f)
-                          (password-authentication? #t)
-                          (pubkey-authentication? #t)
-                          (rsa-authentication? #t)
-                          (x11-forwarding? #f)
-                          (protocol-number 2))
-  (service openssh-service-type (openssh-configuration
-                                 (pid-file pid-file)
-                                 (port-number port-number)
-                                 (permit-root-login permit-root-login)
-                                 (allow-empty-passwords? allow-empty-passwords?)
-                                 (password-authentication? password-authentication?)
-                                 (pubkey-authentication? pubkey-authentication?)
-                                 (rsa-authentication? rsa-authentication?)
-                                 (x11-forwarding? x11-forwarding?)
-                                 (protocol-number protocol-number))))
-
 
 ;;;
 ;;; Dropbear.