mirror/guix
mirror/guix
1
Fork 0
mirror of https://https.git.savannah.gnu.org/git/guix.git/ synced 2025-07-14 02:50:45 +02:00
Code Releases Activity

services: ngircd: Revert to use make-forkexec-constructor.

Browse source 
The use of make-systemd-constructor appears to cause problems when connecting
via TLS (see: https://github.com/ngircd/ngircd/issues/330).

* gnu/services/messaging.scm (ngircd-global): [pid-file]: Set default value
and remove maybeness.  Adjust doc.
* gnu/services/messaging.scm (ngircd-configuration): Adjust comment.
(ngircd-wrapper): Expose writable PID file and preserve pid namespace.
(ngircd-shepherd-service): Replace make-systemd-constructor with
make-forkexec-constructor and adjust surrounding accordingly.
(ngircd-activation): New procedure.
(ngircd-service-type): Extend activation-service-type with it.

Change-Id: Ic7c135ab45122e180107cde8bb9976426e3afbc4
This commit is contained in:
Maxim Cournoyer 2025-04-12 14:23:31 +09:00
parent 5533ebf57b
commit e78f8a85bb
No known key found for this signature in database
GPG key ID: 1260E46482E63562
2 changed files with 36 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

3
doc/guix.texi
View file

@ -30492,9 +30492,8 @@ Global password or all users needed to connect to the server. By
default, no password is required. PAM must be disabled for this option default, no password is required. PAM must be disabled for this option
to have an effect. to have an effect.
@item @code{pid-file} (type: maybe-string) @item @code{pid-file} (default: @code{"/run/ngircd/ngircd.pid"}) (type: string)
The file name where the PID of ngIRCd should be written after it starts. The file name where the PID of ngIRCd should be written after it starts.
By default, no PID file is created.
@item @code{ports} (default: @code{(6667)}) (type: list-of-ports) @item @code{ports} (default: @code{(6667)}) (type: list-of-ports)
Port number(s) on which the server should listen for @emph{unencrypted} Port number(s) on which the server should listen for @emph{unencrypted}

68
gnu/services/messaging.scm
View file

@ -1124,9 +1124,8 @@ is only used to inform clients.")
no password is required. PAM must be disabled for this option to have an no password is required. PAM must be disabled for this option to have an
effect.") effect.")
(pid-file (pid-file
maybe-string (string "/run/ngircd/ngircd.pid")
"The file name where the PID of ngIRCd should be written after it starts. "The file name where the PID of ngIRCd should be written after it starts.")
By default, no PID file is created.")
(ports (ports
(list-of-ports (list 6667)) (list-of-ports (list 6667))
"Port number(s) on which the server should listen for @emph{unencrypted} "Port number(s) on which the server should listen for @emph{unencrypted}
@ -1429,8 +1428,7 @@ for different users. Refer to @samp{man 5 ngircd.conf} for more details.")
"Shepherd requirements the service should depend on." "Shepherd requirements the service should depend on."
(serializer empty-serializer)) (serializer empty-serializer))
(global (global
;; Always use a ngircd-global default to ensure the default addresses ;; Always use a ngircd-global default to ensure 'pid-file' is defined.
;; listened to are known (used to compute the socket endpoints).
(ngircd-global (ngircd-global)) (ngircd-global (ngircd-global))
"A ngircd-global record object used to specify global options.") "A ngircd-global record object used to specify global options.")
(limits (limits
@ -1526,6 +1524,7 @@ wrapper for the 'ngircd' command."
(let* ((ngircd.conf (serialize-ngircd-configuration config)) (let* ((ngircd.conf (serialize-ngircd-configuration config))
(user group (ngircd-user+group config)) (user group (ngircd-user+group config))
(global (ngircd-configuration-global config)) (global (ngircd-configuration-global config))
(pid-file (ngircd-global-pid-file global))
(help-file (ngircd-global-help-file global)) (help-file (ngircd-global-help-file global))
(motd-file (ngircd-global-motd-file global)) (motd-file (ngircd-global-motd-file global))
(ssl (ngircd-configuration-ssl config)) (ssl (ngircd-configuration-ssl config))
@ -1543,7 +1542,11 @@ wrapper for the 'ngircd' command."
(writable? #t)) (writable? #t))
(file-system-mapping (file-system-mapping
(source ngircd.conf) (source ngircd.conf)
(target source))) (target source))
(file-system-mapping
(source (string-append (dirname pid-file)))
(target source)
(writable? #t)))
(if (maybe-value-set? help-file) (if (maybe-value-set? help-file)
(list (file-system-mapping (list (file-system-mapping
(source help-file) (source help-file)
@ -1592,48 +1595,45 @@ wrapper for the 'ngircd' command."
#:user user #:user user
#:group group #:group group
;; ngircd wants to look up users in /etc/passwd so run in the global user ;; ngircd wants to look up users in /etc/passwd so run in the global user
;; namespace. ;; namespace. Also preserve the PID namespaces otherwise the PID file
#:namespaces (fold delq %namespaces '(net user))))) ;; would contain an unrelated PID number and confuse Shepherd.
#:namespaces (fold delq %namespaces '(net pid user)))))
(define (ngircd-shepherd-service config) (define (ngircd-shepherd-service config)
(match-record config <ngircd-configuration> (match-record config <ngircd-configuration>
(ngircd debug? global shepherd-requirement ssl) (debug? global shepherd-requirement ssl)
(let* ((ngircd.conf (serialize-ngircd-configuration config)) (let* ((ngircd.conf (serialize-ngircd-configuration config))
(ngircd (file-append ngircd "/sbin/ngircd")) (pid-file (ngircd-global-pid-file global)))
(addresses (ngircd-global-listen global))
(ports* (ngircd-global-ports global))
(ports (if (and (maybe-value-set? ssl)
(maybe-value-set? (ngircd-ssl-ports ssl)))
(append ports* (ngircd-ssl-ports ssl))
ports*)))
(list (shepherd-service (list (shepherd-service
(provision '(ngircd)) (provision '(ngircd))
(requirement shepherd-requirement) (requirement shepherd-requirement)
(modules (cons '(srfi srfi-1) %default-modules)) (modules (cons '(srfi srfi-1) %default-modules))
(actions (list (shepherd-configuration-action ngircd.conf))) (actions (list (shepherd-configuration-action ngircd.conf)))
(start #~(make-systemd-constructor ;; Sadly, 'make-systemd-constructor' doesn't work with TLS
;; connections, which hang up (see:
;; https://github.com/ngircd/ngircd/issues/330).
(start #~(make-forkexec-constructor
(append (list #$(ngircd-wrapper config) (append (list #$(ngircd-wrapper config)
"--nodaemon" "--nodaemon"
"--config" #$ngircd.conf) "--config" #$ngircd.conf)
(if #$debug? (if #$debug?
'("--debug") '("--debug")
'())) '()))
;; Compute endpoints for each listen addresses/ports #:pid-file #$pid-file
;; combinations.
(append-map
(lambda (port)
(map (lambda (addr)
(endpoint
(addrinfo:addr
(car (getaddrinfo
addr
(number->string port)
(logior AI_NUMERICHOST
AI_NUMERICSERV))))))
(list #$@addresses)))
(list #$@ports))
#:log-file "/var/log/ngircd.log")) #:log-file "/var/log/ngircd.log"))
(stop #~(make-systemd-destructor))))))) (stop #~(make-kill-destructor)))))))
(define (ngircd-activation config)
(let* ((pid-file (ngircd-global-pid-file
(ngircd-configuration-global config)))
(user _ (ngircd-user+group config)))
#~(begin
(use-modules (guix build utils)
(ice-9 match))
(define pw (match #$user
((? number?) (getpwuid #$user))
((? string?) (getpwnam #$user))))
(mkdir-p/perms #$(dirname pid-file) pw #o755))))
(define ngircd-service-type (define ngircd-service-type
(service-type (service-type
@ -1644,7 +1644,9 @@ wrapper for the 'ngircd' command."
(service-extension profile-service-type (service-extension profile-service-type
(compose list ngircd-configuration-ngircd)) (compose list ngircd-configuration-ngircd))
(service-extension account-service-type (service-extension account-service-type
ngircd-account))) ngircd-account)
(service-extension activation-service-type
ngircd-activation)))
(default-value (ngircd-configuration)) (default-value (ngircd-configuration))
(description (description
"Run @url{https://ngircd.barton.de/, ngIRCd}, a lightweight @acronym{IRC, "Run @url{https://ngircd.barton.de/, ngIRCd}, a lightweight @acronym{IRC,