GNU bug report logs

#39136 [PATCH] gnu: services: Add endlessh.

PackageSource(s)Maintainer(s)
guix-patches PTS Buildd Popcon
Full log

Message #17 received at 39136@debbugs.gnu.org (full text, mbox, reply):

Received: (at 39136) by debbugs.gnu.org; 16 Mar 2021 15:32:50 +0000
From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 16 11:32:50 2021
Received: from localhost ([127.0.0.1]:40762 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lMBgg-0001k9-FO
	for submit@debbugs.gnu.org; Tue, 16 Mar 2021 11:32:50 -0400
Received: from mx1.dismail.de ([78.46.223.134]:15951)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <jbranso@dismail.de>) id 1lMBgf-0001js-5h
 for 39136@debbugs.gnu.org; Tue, 16 Mar 2021 11:32:50 -0400
Received: from mx1.dismail.de (localhost [127.0.0.1])
 by mx1.dismail.de (OpenSMTPD) with ESMTP id 6a7a8599
 for <39136@debbugs.gnu.org>; Tue, 16 Mar 2021 16:32:41 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=dismail.de; h=date
 :message-id:from:to:subject; s=20190914; bh=Od5ECtnalWwbRzVygkza
 bg6EEc6xgKcKA0/qTxYScpY=; b=az8nCDmYkBuEZgBT/03kQgjHWOeQG77pB9cC
 PXGe6VvaB+RJfZUNAX1XDMVlibXzsuSpwQRZEjYoAW1TfuxHfevikOiifhK99kV7
 sKRyGp3OQOtc6n13QVO5EbDHXEslzExSPTZ9wAeTAcDCdgmH6W2WBx2Mj6XlEuCF
 N+6wc+CVg+yeUh0FIHQLpKxzUTzzEjJOFMC3S0D/di8n+cqdfCja5cSjFrDS0Mhx
 Fk8nPDWMHuwHGOj9QWniZpX8xTgFwvgmAndHn4PKC5JATIPLLHCmNy+sgd1e4juy
 oO6AWdnWWRyeckIvTgfzyds99zXP1ks/DjfuqXIWJ37AntYSyg==
Received: from smtp2.dismail.de (<unknown> [10.240.26.12])
 by mx1.dismail.de (OpenSMTPD) with ESMTP id 69d59fc6
 for <39136@debbugs.gnu.org>; Tue, 16 Mar 2021 16:32:41 +0100 (CET)
Received: from smtp2.dismail.de (localhost [127.0.0.1])
 by smtp2.dismail.de (OpenSMTPD) with ESMTP id 7d26d748
 for <39136@debbugs.gnu.org>; Tue, 16 Mar 2021 16:32:41 +0100 (CET)
Received: by dismail.de (OpenSMTPD) with ESMTPSA id c4b0a7e4
 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO) for <39136@debbugs.gnu.org>;
 Tue, 16 Mar 2021 16:32:40 +0100 (CET)
Date: Tue, 16 Mar 2021 11:32:21 -0400
Message-Id: <87a6r39ksa.fsf@dismail.de>
From: Joshua Branson <jbranso@dismail.de>
To: 39136@debbugs.gnu.org
Subject: My endlessh patch series 
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 39136
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

So I've been working on this endlessh service for a while.  I believe
it could be better, but perfectionist can only do one thing perfectly:
nothing.  So I've submitted the above patch series.  Let me know if it
needs more work.

At the moment, I believe that endlessh runs as root.  It would be nice
to let it run as user nobody or something like that.

The endlessh systemd file provides an example of how to do that:

https://github.com/skeeto/endlessh/blob/master/util/endlessh.service

## If you want Endlessh to bind on ports < 1024
## 1) run: 
##     setcap 'cap_net_bind_service=+ep' /usr/local/bin/endlessh
## 2) uncomment following line
#AmbientCapabilities=CAP_NET_BIND_SERVICE
## 3) comment following line
PrivateUsers=true

Though setcap 'cap_net_bind_service=+ep' is linux specific.  And I'm
not certain if guix has a method for running setcap on items in the
store.

Those are just some relevant thoughts for improving the service!

Thanks!

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Tue Jan 7 02:35:36 2025; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.