;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014, 2015, 2018, 2021, 2021 Ludovic Courtès ;;; Copyright © 2015 Andreas Enge ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016–2021 Tobias Geerinckx-Rice ;;; Copyright © 2017 Rene Saavedra ;;; Copyright © 2021 David Larsson ;;; Copyright © 2021 Guillaume Le Vaillant ;;; Copyright © 2022 Jai Vetrivelan ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNE
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2018, 2022 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2020 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu services security-token)
  #:use-module (gnu services)
  #:use-module (gnu services shepherd)
  #:use-module (gnu packages admin)
  #:use-module (gnu packages base)
  #:use-module (gnu packages security-token)
  #:use-module (gnu system shadow)
  #:use-module (guix gexp)
  #:use-module (guix modules)
  #:use-module (guix records)
  #:use-module (ice-9 match)
  #:use-module (srfi srfi-26)
  #:export (pcscd-configuration
            pcscd-configuration?
            pcscd-configuration-pcsc-lite
            pcscd-configuration-usb-drivers
            pcscd-service-type))

;;;
;;; PC/SC Smart Card Daemon
;;;

;; Configuration record for the pcscd service.
;;
;; Fields:
;;   pcsc-lite    package whose "/sbin/pcscd" binary the Shepherd service
;;                launches; defaults to the pcsc-lite package.
;;   usb-drivers  list of driver packages; the "/pcsc" subdirectory of each is
;;                merged into the directory that the activation code links at
;;                /var/lib/pcsc.  Defaults to a list holding only ccid.
;;
;; NOTE(review): /var/lib/pcsc is presumably where pcscd looks up reader
;; drivers, which would make every package listed in usb-drivers code that the
;; daemon loads -- confirm against the pcsc-lite package's configure flags.
(define-record-type* <pcscd-configuration>
  pcscd-configuration make-pcscd-configuration pcscd-configuration?
  ;; Package that provides the daemon binary.
  (pcsc-lite pcscd-configuration-pcsc-lite
             (default pcsc-lite))
  ;; Driver packages exposed through /var/lib/pcsc.
  (usb-drivers pcscd-configuration-usb-drivers
               (default (list ccid))))

;; Build the Shepherd service that supervises pcscd for a
;; <pcscd-configuration>.  Only the pcsc-lite field is used here.
;;
;; The daemon is started with "--foreground" and its output goes to
;; /var/log/pcscd.log.  No #:user or #:group is passed to fork+exec-command,
;; so pcscd keeps the identity of the process that starts it.
;; NOTE(review): under the system shepherd that is presumably root -- confirm,
;; and check who may connect to /run/pcscd/pcscd.comm.
(define pcscd-shepherd-service
  (match-lambda
    (($ <pcscd-configuration> pcsc-lite)
     (let ((daemon (file-append pcsc-lite "/sbin/pcscd")))
       (shepherd-service
        (documentation "PC/SC Smart Card Daemon")
        (provision '(pcscd))
        (requirement '(syslogd))
        (start #~(lambda _
                   ;; Remove a socket left at this path before starting
                   ;; (presumably a leftover from an earlier run).
                   (define stale-socket "/run/pcscd/pcscd.comm")
                   (if (file-exists? stale-socket)
                       (delete-file stale-socket))
                   ;; The value of this call is what the start procedure
                   ;; returns to Shepherd.
                   (fork+exec-command
                    (list #$daemon "--foreground")
                    #:log-file "/var/log/pcscd.log")))
        (stop #~(make-kill-destructor)))))))

;; Build the activation gexp for a <pcscd-configuration>.
;;
;; The "/pcsc" subdirectory of every package in usb-drivers is merged into one
;; directory union named "pcsc", and /var/lib/pcsc is switched to point at it.
;; switch-symlinks replaces the link atomically, so the path never points at a
;; half-built tree.  The link target is built from the configured packages only.
(define pcscd-activation
  (match-lambda
    (($ <pcscd-configuration> pcsc-lite usb-drivers)
     (let* ((driver-dirs (map (lambda (driver)
                                (file-append driver "/pcsc"))
                              usb-drivers))
            (drivers (directory-union "pcsc" driver-dirs)))
       (with-imported-modules (source-module-closure
                               '((guix build utils)))
         #~(begin
             (use-modules (guix build utils))

             ;; Make sure the parent directory exists before linking.
             (mkdir-p "/var/lib")
             (switch-symlinks "/var/lib/pcsc" #$drivers)))))))

;; Service type for pcscd.  It extends two services:
;;   - shepherd-root-service-type, with a one-element list holding the
;;     service returned by pcscd-shepherd-service;
;;   - activation-service-type, with the gexp returned by pcscd-activation.
;; The default value is a <pcscd-configuration> with all fields at their
;; defaults.
(define pcscd-service-type
  (service-type
   (name 'pcscd)
   (description
    "Run @command{pcscd}, the PC/SC smart card daemon.")
   (extensions
    (list (service-extension shepherd-root-service-type
                             (lambda (config)
                               (list (pcscd-shepherd-service config))))
          (service-extension activation-service-type
                             pcscd-activation)))
   (default-value (pcscd-configuration))))
;; NOTE(review): this excerpt starts partway through a package definition; the
;; form closed by the next few lines opens outside the visible text.
#f)) ;there are no tests
    (inputs (list ncurses))
    (home-page "https://www.ncftp.com/ncftp/")
    (synopsis "Command-line File Transfer Protocol (FTP) client")
    (description "NcFTP Client (or just NcFTP) is a set of command-line programs to access File Transfer Protocol (FTP) servers. This includes @code{ncftp}, an interactive FTP browser, as well as non-interactive commands such as @code{ncftpput} and @code{ncftpget}.")
    (license clarified-artistic)))

;; Package definition for weex, a non-interactive FTP synchronization client.
(define-public weex
  (package
    (name "weex")
    (version "2.8.2")
    (source
     (origin
       (method url-fetch)
       ;; NOTE(review): the two fragments concatenate to ".../weex//weex_..."
       ;; (double slash) -- confirm this is intended.
       (uri (string-append "mirror://sourceforge/weex/weex/"
                           "/weex_" version ".tar.gz"))
       ;; The declared hash is the integrity check on the fetched tarball;
       ;; the mirror it comes from is not otherwise pinned here.
       (sha256
        (base32 "1ir761hjncr1bamaqcw9j7x57xi3s9jax3223bxwbq30a0vsw1pd"))))
    (build-system gnu-build-system)
    (native-inputs
     (list automake autoconf gettext-minimal))
    ;; NOTE(review): home page is referenced over plain http.
    (home-page "http://weex.sourceforge.net/")
    (synopsis "Non-interactive client for FTP synchronization")
    (description "Weex is a utility designed to automate the task of remotely maintaining a web page or other FTP archive. It synchronizes a set of local files to a remote server by performing uploads and remote deletes as required.")
    (license gpl2+)))

;; Package definition for libfilezilla, the C++ support library used by the
;; filezilla package below.  It is built without static libraries and takes
;; gnutls and nettle as inputs.
(define-public libfilezilla
  (package
    (name "libfilezilla")
    (version "0.39.2")
    (source
     (origin
       (method url-fetch)
       (uri (string-append "https://download.filezilla-project.org/"
                           "libfilezilla/libfilezilla-" version ".tar.bz2"))
       (sha256
        (base32 "1x2rixppmvdpn9m01hmh3yqzpczxbkw301hx27n5bfq0dbnx9aar"))))
    (build-system gnu-build-system)
    (arguments
     `(#:configure-flags
       (list "--disable-static")))
    (native-inputs
     (list cppunit gettext-minimal pkg-config))
    (inputs
     (list gnutls nettle))
    (home-page "https://lib.filezilla-project.org")
    (synopsis "Cross-platform C++ library used by Filezilla client")
    (description "This package provides some basic functionality to build high-performing, platform-independent programs. Some of the highlights include: @itemize @item A type-safe, multi-threaded event system that's simple to use yet efficient. 
@item Timers for periodic events. @item A @code{datetime} class that not only tracks timestamp but also their accuracy, which simplifies dealing with timestamps originating from different sources. @item Simple process handling for spawning child processes with redirected input and output. @end itemize\n")
    (license gpl2+)))

;; Package definition for the FileZilla graphical client.  The build disables
;; the client's own update check, so the program does not contact upstream for
;; updates on its own.
(define-public filezilla
  (package
    (name "filezilla")
    (version "3.62.2")
    (source
     (origin
       (method url-fetch)
       (uri (string-append "https://download.filezilla-project.org/client/"
                           "FileZilla_" version "_src.tar.bz2"))
       (sha256
        (base32 "04lcffmvl1356iyc14pikq3z6jikj6qn0v0zd57lgsm0biihjrx7"))))
    (build-system gnu-build-system)
    (arguments
     ;; Don't let filezilla phone home to check for updates.
     '(#:configure-flags '("--disable-autoupdatecheck")))
    (native-inputs
     (list cppunit gettext-minimal pkg-config xdg-utils))
    (inputs
     (list dbus
           gnutls
           gtk+
           libfilezilla
           libidn
           nettle
           pugixml
           sqlite
           wxwidgets-3.0))
    (home-page "https://filezilla-project.org")
    (synopsis "Full-featured graphical FTP/FTPS/SFTP client")
    (description "Filezilla client supports FTP, FTP over SSL/TLS (FTPS), SSH File Transfer Protocol (SFTP), HTTP/1.1, SOCKS5, FTP-Proxy, IPv6 and others features such as bookmarks, drag and drop, filename filters, directory comparison and more.")
    (license gpl2+)
    (properties '((upstream-name . "FileZilla")))))

;; Package definition for the vsftpd FTP server.  There is no configure script
;; and no test suite; the build is driven by make flags and three phases that
;; patch the unpacked sources.
(define-public vsftpd
  (package
    (name "vsftpd")
    (version "3.0.5")
    (source
     (origin
       (method url-fetch)
       (uri (string-append "https://security.appspot.com/downloads/"
                           "vsftpd-" version ".tar.gz"))
       (sha256
        (base32 "1lwipiq8q9qzvwv6f418fbvagpz0p6v0jjplkvcsc2sb8np05di6"))))
    (build-system gnu-build-system)
    (arguments
     `(#:make-flags
       (list (string-append "CC=" ,(cc-for-target))
             ;; vsf_findlibs.sh looks only for hard-coded {/usr,}/lib file names
             ;; that will never exist on Guix.  Manage libraries ourselves.
             "LDFLAGS=-lcap -lpam"
             "INSTALL=install -D")
       #:tests? #f                      ; no test suite
       #:phases
       (modify-phases %standard-phases
         ;; Turn "#undef VSF_BUILD_SSL" into "#define VSF_BUILD_SSL" in
         ;; builddefs.h.  NOTE(review): this presumably compiles TLS support
         ;; in (openssl is an input); whether TLS is used at run time would
         ;; still depend on the daemon's configuration -- confirm.
         (add-after 'unpack 'build-SSL
           (lambda _
             (substitute* "builddefs.h"
               (("#undef (VSF_BUILD_SSL)" _ symbol)
                (string-append "#define " symbol)))))
         ;; Rename the Makefile's own CFLAGS/LDFLAGS assignments to
         ;; UPSTREAM_CFLAGS/UPSTREAM_LDFLAGS and expand both wherever the
         ;; original variable was used, so the LDFLAGS passed in the make
         ;; flags adds to the upstream flags instead of replacing them.
         ;; NOTE(review): presumably this is what keeps upstream's
         ;; compiler/linker hardening flags in effect -- confirm against the
         ;; Makefile.
         (add-after 'unpack 'append-make-flags
           (lambda _
             (substitute* "Makefile"
               (("(CFLAGS|LDFLAGS)[[:blank:]]*=" _ variable)
                (format #f "UPSTREAM_~a +=" variable))
               (("\\$\\((CFLAGS|LDFLAGS)\\)" _ variable)
                (format #f "$(UPSTREAM_~a) $(~@*~a)" variable)))))
         ;; Install under the package output instead of /usr.
         (add-after 'unpack 'patch-installation-directory
           (lambda* (#:key outputs #:allow-other-keys)
             (substitute* "Makefile"
               (("/usr") (assoc-ref outputs "out")))))
         (delete 'configure))))         ; no configure script
    (inputs
     (list libcap linux-pam openssl))
    (synopsis "Small FTP server with a focus on security")
    (description "The Very Secure File Transfer Protocol Daemon or @command{vsftpd} is a server that listens on a TCP socket for clients and gives them access to local files via @acronym{FTP, the File Transfer Protocol}. Security is a goal; not a guarantee.")
    (home-page "https://security.appspot.com/vsftpd.html")
    (license gpl2)))                    ; with OpenSSL exception