diff options
author | Danny Milosavljevic <dannym@scratchpost.org> | 2019-03-04 12:45:59 +0100 |
---|---|---|
committer | Danny Milosavljevic <dannym@scratchpost.org> | 2019-04-20 17:17:56 +0200 |
commit | 2ca3fdc2db1aef96fbf702a2f26f5e18ce832038 (patch) | |
tree | 9d9fe29b9fbdc9a3946883b0249027a47fc3f5e6 | |
parent | e337061b3a7af892d3a14f5191efb2487ec0fad9 (diff) | |
download | guix-2ca3fdc2db1aef96fbf702a2f26f5e18ce832038.tar guix-2ca3fdc2db1aef96fbf702a2f26f5e18ce832038.tar.gz |
gnu: shishi: Make shishi keys and database administrator-modifiable.
Fixes <https://bugs.gnu.org/30109>.
* gnu/packages/kerberos.scm (shishi)[arguments]<#:configure-flags>:
Add --with-key-dir, --with-db-dir.
<#:phases>[disable-automatic-key-generation]: New phase.
-rw-r--r-- | gnu/packages/kerberos.scm | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm index 7cf61c8d0f..1253a58546 100644 --- a/gnu/packages/kerberos.scm +++ b/gnu/packages/kerberos.scm @@ -116,9 +116,19 @@ cryptography.") (build-system gnu-build-system) (arguments '(;; This is required since we patch some of the build scripts. - ;; Remove for the next Shishi release after 1.0.2 or when - ;; removing 'shishi-fix-libgcrypt-detection.patch'. - #:configure-flags '("ac_cv_libgcrypt=yes" "--disable-static"))) + ;; Remove first two items for the next Shishi release after 1.0.2 or + ;; when removing 'shishi-fix-libgcrypt-detection.patch'. + #:configure-flags + '("ac_cv_libgcrypt=yes" "--disable-static" + "--with-key-dir=/etc/shishi" "--with-db-dir=/var/shishi") + #:phases + (modify-phases %standard-phases + (add-after 'configure 'disable-automatic-key-generation + (lambda* (#:key outputs #:allow-other-keys) + (substitute* "Makefile" + (("^install-data-hook:") + "install-data-hook:\nx:\n")) + #t))))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs `(("gnutls" ,gnutls) @@ -132,7 +142,10 @@ cryptography.") (description "GNU Shishi is a free implementation of the Kerberos 5 network security system. It is used to allow non-secure network nodes to communicate in a -secure manner through client-server mutual authentication via tickets.") +secure manner through client-server mutual authentication via tickets. + +After installation, the system administrator should generate keys using +@code{shisa -a /etc/shishi/shishi.keys}.") (license license:gpl3+))) (define-public heimdal |