aboutsummaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
authorDanny Milosavljevic <dannym@scratchpost.org>2019-03-04 12:45:59 +0100
committerDanny Milosavljevic <dannym@scratchpost.org>2019-04-20 17:17:56 +0200
commit2ca3fdc2db1aef96fbf702a2f26f5e18ce832038 (patch)
tree9d9fe29b9fbdc9a3946883b0249027a47fc3f5e6 /gnu
parente337061b3a7af892d3a14f5191efb2487ec0fad9 (diff)
downloadpatches-2ca3fdc2db1aef96fbf702a2f26f5e18ce832038.tar
patches-2ca3fdc2db1aef96fbf702a2f26f5e18ce832038.tar.gz
gnu: shishi: Make shishi keys and database administrator-modifiable.
Fixes <https://bugs.gnu.org/30109>. * gnu/packages/kerberos.scm (shishi)[arguments]<#:configure-flags>: Add --with-key-dir, --with-db-dir. <#:phases>[disable-automatic-key-generation]: New phase.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/packages/kerberos.scm21
1 files changed, 17 insertions, 4 deletions
diff --git a/gnu/packages/kerberos.scm b/gnu/packages/kerberos.scm
index 7cf61c8d0f..1253a58546 100644
--- a/gnu/packages/kerberos.scm
+++ b/gnu/packages/kerberos.scm
@@ -116,9 +116,19 @@ cryptography.")
(build-system gnu-build-system)
(arguments
'(;; This is required since we patch some of the build scripts.
- ;; Remove for the next Shishi release after 1.0.2 or when
- ;; removing 'shishi-fix-libgcrypt-detection.patch'.
- #:configure-flags '("ac_cv_libgcrypt=yes" "--disable-static")))
+ ;; Remove first two items for the next Shishi release after 1.0.2 or
+ ;; when removing 'shishi-fix-libgcrypt-detection.patch'.
+ #:configure-flags
+ '("ac_cv_libgcrypt=yes" "--disable-static"
+ "--with-key-dir=/etc/shishi" "--with-db-dir=/var/shishi")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'configure 'disable-automatic-key-generation
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "Makefile"
+ (("^install-data-hook:")
+ "install-data-hook:\nx:\n"))
+ #t)))))
(native-inputs `(("pkg-config" ,pkg-config)))
(inputs
`(("gnutls" ,gnutls)
@@ -132,7 +142,10 @@ cryptography.")
(description
"GNU Shishi is a free implementation of the Kerberos 5 network security
system. It is used to allow non-secure network nodes to communicate in a
-secure manner through client-server mutual authentication via tickets.")
+secure manner through client-server mutual authentication via tickets.
+
+After installation, the system administrator should generate keys using
+@code{shisa -a /etc/shishi/shishi.keys}.")
(license license:gpl3+)))
(define-public heimdal