author | Ludovic Courtès <ludo@gnu.org> | 2022-05-22 20:12:27 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2022-05-22 21:56:40 +0200 |
commit | d2b3400f79ffaed3357650307376ab69a7ec3b1b (patch) | |
tree | 1b531c135fea77d60de3df5408be1500d6a720c9 /gnu | |
parent | 52aceda4fd61970db118f23d316784ea8df244e8 (diff) | |
download | guix-d2b3400f79ffaed3357650307376ab69a7ec3b1b.tar.gz |
services: openssh: Listen on both IPv4 and IPv6.
Fixes <https://issues.guix.gnu.org/55335>. Reported by Christopher Baines <mail@cbaines.net>. * gnu/services/ssh.scm (openssh-shepherd-service)[inetd-style?]: New variable. <start>: Use it. When using 'make-inetd-constructor', pass a list of endpoints as is possible with the Shepherd 0.9.1. <stop>: Adjust accordingly. * gnu/tests/ssh.scm (run-ssh-test)["wait for port 22"]: Rename to... ["wait for port 22, IPv4"]: ... this. ["wait for port 22, IPv6"]: New test.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/services/ssh.scm | 21 | ||||
-rw-r--r-- | gnu/tests/ssh.scm | 12 |
2 files changed, 28 insertions, 5 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 7fbbe383e5..be5d029374 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -528,19 +528,32 @@ of user-name/file-like tuples." #~(list (string-append #$(openssh-configuration-openssh config) "/sbin/sshd") "-D" "-f" #$(openssh-config-file config))) + (define inetd-style? + ;; Whether to use 'make-inetd-constructor'. That procedure appeared in + ;; Shepherd 0.9.0, but in 0.9.0, 'make-inetd-constructor' wouldn't let us + ;; pass a list of endpoints, and it wouldn't let us define a service + ;; listening on both IPv4 and IPv6, hence the conditional below. + #~(and (defined? 'make-inetd-constructor) + (not (string=? (@ (shepherd config) Version) "0.9.0")))) + (list (shepherd-service (documentation "OpenSSH server.") (requirement '(syslogd loopback)) (provision '(ssh-daemon ssh sshd)) - (start #~(if (defined? 'make-inetd-constructor) + + (start #~(if #$inetd-style? (make-inetd-constructor (append #$openssh-command '("-i")) - (make-socket-address AF_INET INADDR_ANY - #$port-number) + (list (endpoint + (make-socket-address AF_INET INADDR_ANY + #$port-number)) + (endpoint + (make-socket-address AF_INET6 IN6ADDR_ANY + #$port-number))) #:max-connections #$max-connections) (make-forkexec-constructor #$openssh-command #:pid-file #$pid-file))) - (stop #~(if (defined? 'make-inetd-destructor) + (stop #~(if #$inetd-style? (make-inetd-destructor) (make-kill-destructor))) (auto-start? (openssh-auto-start? config))))) diff --git a/gnu/tests/ssh.scm b/gnu/tests/ssh.scm index e3dd601603..3f550db5ea 100644 --- a/gnu/tests/ssh.scm +++ b/gnu/tests/ssh.scm 
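Review bot: The `make-inetd-constructor` branch of `start` now binds the wildcard address on both IPv4 and IPv6, and nothing in the hunk documents that change in exposure; the new comment on `inetd-style?` covers only the Shepherd version check. With `sshd -i` the listening sockets are created by the Shepherd rather than by sshd, so address restrictions in the generated sshd configuration (for example `ListenAddress` or `AddressFamily`) presumably have no effect on this path, and a host whose packet filter only covers IPv4 becomes reachable on the port over IPv6. I would add next to the endpoint list a comment such as `;; Both wildcard addresses are bound by shepherd; sshd_config address settings are not consulted with '-i', so IPv6 must be filtered too.` The rest of `openssh-shepherd-service` lies outside the hunk, so whether the configuration record offers a way to restrict the listening address cannot be checked from here.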
@@ -136,9 +136,19 @@ root with an empty password." (= pid (wait-for-file #$pid-file marionette)) pid))) - (test-assert "wait for port 22" + (test-assert "wait for port 22, IPv4" (wait-for-tcp-port 22 marionette)) + (test-assert "wait for port 22, IPv6" + ;; Make sure it's also available as IPv6. + ;; See <https://issues.guix.gnu.org/55335>. + (wait-for-tcp-port 22 marionette + #:address + `(make-socket-address + AF_INET6 + (inet-pton AF_INET6 "::1") + 22))) + ;; Connect to the guest over SSH. Make sure we can run a shell ;; command there. (test-equal "shell command" |
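Review bot: The test renamed to "wait for port 22, IPv4" still calls `wait-for-tcp-port` without `#:address`, so its IPv4 claim rests on that procedure's default, which is defined outside this hunk. A one-line comment such as `;; Relies on the default #:address being the IPv4 loopback.`, or an explicit `#:address` form mirroring the IPv6 test, would keep the two checks symmetric and make a regression on one address family show up under the right test name. The enclosing `run-ssh-test` body starts and ends outside the hunk.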