diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2022-07-01 16:29:53 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2022-07-01 23:29:16 +0200 |
| commit | bf7e07d299b197891110fbd8c717badbab06a472 (patch) | |
| tree | 7bbf249ee7a7dcdda5deff42ee70fb503f09671e /gnu/services | |
| parent | b512dadfd603869ac009a432b56f55945841cce0 (diff) | |
| download | guix-bf7e07d299b197891110fbd8c717badbab06a472.tar.gz | |
services: openssh: Listen on IPv6 only when IPv6 is supported.
Fixes <https://issues.guix.gnu.org/56327>. Reported by André Batista <nandre@riseup.net>. * gnu/services/ssh.scm (openssh-shepherd-service)[ipv6-support?]: New variable. Use it in 'start' method.
Diffstat (limited to 'gnu/services')
| -rw-r--r-- | gnu/services/ssh.scm | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 57d3ad218c..72e7183590 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -536,6 +536,15 @@ of user-name/file-like tuples." #~(and (defined? 'make-inetd-constructor) (not (string=? (@ (shepherd config) Version) "0.9.0")))) + (define ipv6-support? + ;; Expression that returns true if IPv6 support is available. + #~(catch 'system-error + (lambda () + (let ((sock (socket AF_INET6 SOCK_STREAM 0))) + (close-port sock) + #t)) + (const #f))) + (list (shepherd-service (documentation "OpenSSH server.") (requirement '(syslogd loopback)) @@ -544,12 +553,15 @@ of user-name/file-like tuples." (start #~(if #$inetd-style? (make-inetd-constructor (append #$openssh-command '("-i")) - (list (endpoint + (cons (endpoint (make-socket-address AF_INET INADDR_ANY #$port-number)) - (endpoint - (make-socket-address AF_INET6 IN6ADDR_ANY - #$port-number))) + (if #$ipv6-support? + (list + (endpoint + (make-socket-address AF_INET6 IN6ADDR_ANY + #$port-number))) + '())) #:max-connections #$max-connections) (make-forkexec-constructor #$openssh-command #:pid-file #$pid-file))) |