gnu: shishi: Make shishi keys and database administrator-modifiable.

Fixes <https://bugs.gnu.org/30109>.

* gnu/packages/kerberos.scm (shishi)[arguments]<#:configure-flags>:
Add --with-key-dir, --with-db-dir.
<#:phases>[disable-automatic-key-generation]: New phase.
This commit is contained in:
Danny Milosavljevic 2019-03-04 12:45:59 +01:00
parent e337061b3a
commit 2ca3fdc2db
No known key found for this signature in database
GPG Key ID: E71A35542C30BAA5
1 changed files with 17 additions and 4 deletions

View File

@ -116,9 +116,19 @@ cryptography.")
(build-system gnu-build-system)
(arguments
'(;; This is required since we patch some of the build scripts.
;; Remove for the next Shishi release after 1.0.2 or when
;; removing 'shishi-fix-libgcrypt-detection.patch'.
#:configure-flags '("ac_cv_libgcrypt=yes" "--disable-static")))
;; Remove first two items for the next Shishi release after 1.0.2 or
;; when removing 'shishi-fix-libgcrypt-detection.patch'.
#:configure-flags
'("ac_cv_libgcrypt=yes" "--disable-static"
"--with-key-dir=/etc/shishi" "--with-db-dir=/var/shishi")
#:phases
(modify-phases %standard-phases
(add-after 'configure 'disable-automatic-key-generation
(lambda* (#:key outputs #:allow-other-keys)
(substitute* "Makefile"
(("^install-data-hook:")
"install-data-hook:\nx:\n"))
#t)))))
(native-inputs `(("pkg-config" ,pkg-config)))
(inputs
`(("gnutls" ,gnutls)
@ -132,7 +142,10 @@ cryptography.")
(description
"GNU Shishi is a free implementation of the Kerberos 5 network security
system. It is used to allow non-secure network nodes to communicate in a
secure manner through client-server mutual authentication via tickets.")
secure manner through client-server mutual authentication via tickets.
After installation, the system administrator should generate keys using
@code{shisa -a /etc/shishi/shishi.keys}.")
(license license:gpl3+)))
(define-public heimdal