summaryrefslogtreecommitdiff
path: root/gnu/build/secret-service.scm
AgeCommit message (Collapse)Author
2022-04-07secret-service: Allow cooperative scheduling when Fibers is used.Ludovic Courtès
This lets the 'childhurd' service start in the background, letting shepherd perform other tasks in the meantime, including serving clients (such as the 'herd' command). * gnu/build/secret-service.scm (with-modules): New macro. (wait-for-readable-fd): Add cooperative implementation when Fibers is in use. (secret-service-send-secrets): Define 'sleep' so that it cooperates when Fibers is in use.
2022-04-07secret-service: Abstract 'wait-for-readable-fd'.Ludovic Courtès
* gnu/build/secret-service.scm (wait-for-readable-fd): New procedure. (secret-service-send-secrets): Use it instead of 'select'.
2021-12-12services: secret-service: Turn into a Shepherd service.Ludovic Courtès
* gnu/services/virtualization.scm (secret-service-activation): Remove. (secret-service-shepherd-services): New procedure. (secret-service-type)[extensions]: Remove ACTIVATION-SERVICE-TYPE extension. Add SHEPHERD-ROOT-SERVICE-TYPE and USER-PROCESSES-SERVICE-TYPE extensions. * gnu/build/secret-service.scm (delete-file*): New procedure. (secret-service-receive-secrets): Use it.
2020-09-29secret-service: Add proper logging procedure and log to syslog.Ludovic Courtès
* gnu/build/secret-service.scm (log): New macro. (secret-service-send-secrets, secret-service-receive-secrets): Use it instead of raw 'format' calls.
2020-09-29services: secret-service: Add initial client/server handshake.Ludovic Courtès
This allows the client running on the host to know when it's actually connect to the server running in the guest. Failing that, the client would connect right away to QEMU and send secrets even though the server is not running yet in the guest, which is unreliable. * gnu/build/secret-service.scm (secret-service-send-secrets): Add #:handshake-timeout. Read from SOCK an initial message from the server. Return #f on error. (secret-service-receive-secrets): Send 'secret-service-server' message to the client. Close SOCK upon timeout. * gnu/services/virtualization.scm (hurd-vm-shepherd-service): 'start' method returns #f when 'secret-service-send-secrets' returns #f.
2020-09-29secret-service: Fix file port leak in 'secret-service-send-secrets'.Ludovic Courtès
* gnu/build/secret-service.scm (secret-service-send-secrets): Use 'call-with-input-file' instead of 'open-input-file'.
2020-09-29secret-service: Add a timeout when waiting for a client.Ludovic Courtès
* gnu/build/secret-service.scm (secret-service-receive-secrets) [wait-for-client]: Call 'select' with a 60s timeout before 'accept'. Return #f upon timeout. [read-secrets]: Return FILES on success. Adjust caller of 'wait-for-client' to handle #f.
2020-09-29secret-service: Clarify the origin of messages.Ludovic Courtès
* gnu/build/secret-service.scm (secret-service-send-secrets) (secret-service-receive-secrets): Prefix messages by "secret service".
2020-09-01services: Add secret-service-type.Jan (janneke) Nieuwenhuizen
This adds a "secret-service" that can be added to a Childhurd VM to receive out-of-band secrets (keys) sent from the host. Co-authored-by: Ludovic Courtès <ludo@gnu.org> * gnu/services/virtualization.scm (secret-service-activation): New procedure. (secret-service-type): New variable. * gnu/build/secret-service.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it.