From b4b2bbf4fb74c9f3e93d64863ab9b38957494b49 Mon Sep 17 00:00:00 2001 From: Vivien Kraus Date: Fri, 29 Oct 2021 18:25:24 +0200 Subject: [PATCH] services: openssh: Collect all keys for all users. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes * gnu/services/ssh.scm (extend-openssh-authorized-keys): ensure that no key is forgotten. Co-authored-by: Ludovic Courtès --- gnu/services/ssh.scm | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm index a018052eeb..e7bc6100f6 100644 --- a/gnu/services/ssh.scm +++ b/gnu/services/ssh.scm @@ -39,6 +39,7 @@ (define-module (gnu services ssh) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (ice-9 match) + #:use-module (ice-9 vlist) #:export (lsh-configuration lsh-configuration? lsh-service @@ -535,7 +536,15 @@ (define (extend-openssh-authorized-keys config keys) (openssh-configuration (inherit config) (authorized-keys - (append (openssh-authorized-keys config) keys)))) + (match (openssh-authorized-keys config) + (((users _ ...) ...) + ;; Build a user/key-list mapping. + (let ((user-keys (alist->vhash (openssh-authorized-keys config)))) + ;; Coalesce the key lists associated with each user. + (map (lambda (user) + `(,user + ,@(concatenate (vhash-fold* cons '() user user-keys)))) + users))))))) (define openssh-service-type (service-type (name 'openssh)