From 808b9e850491c7b1d867a5f1f4d5ee6f61f345d4 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 28 Mar 2022 14:03:45 +0200 Subject: services: openssh: Start as an inetd service. * gnu/services/ssh.scm (openssh-shepherd-service): Use 'make-inetd-constructor' when it is defined. ()[max-connections]: New field. * gnu/tests/ssh.scm (run-ssh-test)["sshd PID"]: Adjust to cope with PID-FILE being #f. * gnu/tests/ssh.scm (%test-openssh): Pass #f as the 'pid-file' argument. * doc/guix.texi (Networking Services): Document 'max-connections'. --- gnu/services/ssh.scm | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) (limited to 'gnu/services/ssh.scm') diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index 5c8fe4eef4..7fbbe383e5 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -292,6 +292,9 @@ The other options should be self-descriptive." ;; integer (port-number openssh-configuration-port-number (default 22)) + ;; integer + (max-connections openssh-configuration-max-connections + (default 200)) ;; Boolean | 'prohibit-password (permit-root-login openssh-configuration-permit-root-login (default #f)) @@ -515,6 +518,12 @@ of user-name/file-like tuples." (define pid-file (openssh-configuration-pid-file config)) + (define port-number + (openssh-configuration-port-number config)) + + (define max-connections + (openssh-configuration-max-connections config)) + (define openssh-command #~(list (string-append #$(openssh-configuration-openssh config) "/sbin/sshd") "-D" "-f" #$(openssh-config-file config))) 
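Review bot: The new `max-connections` field carries only the comment `;; integer`, which does not tell an administrator that it is a global cap enforced by shepherd, nor that it is ignored when the fallback `make-forkexec-constructor` branch in the last hunk is taken. Each connection gets its own `sshd -i` process on the inetd path, so sshd's own pre-authentication throttling (`MaxStartups`) presumably no longer applies. That would make this value the only limit on unauthenticated connections, and a single source could occupy all 200 slots. I would expand the comment to something like `;; integer: maximum simultaneous connections, all sources combined; only honored on the inetd path` and state the same in the manual entry.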
@@ -523,9 +532,17 @@ of user-name/file-like tuples." (documentation "OpenSSH server.") (requirement '(syslogd loopback)) (provision '(ssh-daemon ssh sshd)) - (start #~(make-forkexec-constructor #$openssh-command - #:pid-file #$pid-file)) - (stop #~(make-kill-destructor)) + (start #~(if (defined? 'make-inetd-constructor) + (make-inetd-constructor + (append #$openssh-command '("-i")) + (make-socket-address AF_INET INADDR_ANY + #$port-number) + #:max-connections #$max-connections) + (make-forkexec-constructor #$openssh-command + #:pid-file #$pid-file))) + (stop #~(if (defined? 'make-inetd-destructor) + (make-inetd-destructor) + (make-kill-destructor))) (auto-start? (openssh-auto-start? config))))) (define (openssh-pam-services config) -- cgit 1.4.1
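Review bot: The listening endpoint in the new `start` expression is hard-coded as `(make-socket-address AF_INET INADDR_ANY #$port-number)`, so on the inetd path the service listens on every IPv4 interface and not on IPv6. Because sshd runs with `-i` it never opens the socket itself, so a `ListenAddress` or `AddressFamily` directive in the generated sshd_config would silently stop having any effect, which matters if a deployment relies on one to keep SSH off a public interface. At minimum add a comment at the call such as `;; Shepherd owns the listening socket: sshd_config's ListenAddress/AddressFamily are not consulted here`; deriving the address from the configuration would be better. The enclosing `openssh-shepherd-service` definition starts and ends outside this hunk.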