mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-12 06:06:53 -05:00
gnu: Add NFS related services.
* gnu/services/nfs.scm (pipefs-service-type): New variable, (gss-service-type): New variable, (idmap-service-type) New variable. * doc/guix.texi (Network File System): New node.
This commit is contained in:
parent
ff9c2d819a
commit
eb419bc9fe
2 changed files with 225 additions and 4 deletions
100
doc/guix.texi
100
doc/guix.texi
|
@ -221,6 +221,7 @@ Services
|
|||
* Database Services:: SQL databases.
|
||||
* Mail Services:: IMAP, POP3, SMTP, and all that.
|
||||
* Web Services:: Web servers.
|
||||
* Network File System:: NFS related services.
|
||||
* Miscellaneous Services:: Other services.
|
||||
|
||||
Defining Services
|
||||
|
@ -7647,6 +7648,7 @@ declaration.
|
|||
* Database Services:: SQL databases.
|
||||
* Mail Services:: IMAP, POP3, SMTP, and all that.
|
||||
* Web Services:: Web servers.
|
||||
* Network File System:: NFS related services.
|
||||
* Miscellaneous Services:: Other services.
|
||||
@end menu
|
||||
|
||||
|
@ -10366,14 +10368,21 @@ directories are created when the service is activated.
|
|||
|
||||
@end deffn
|
||||
|
||||
@node Miscellaneous Services
|
||||
@subsubsection Miscellaneous Services
|
||||
@node Network File System
|
||||
@subsubsection Network File System
|
||||
@cindex NFS
|
||||
|
||||
The @code{(gnu services nfs)} module provides the following services,
|
||||
which are most commonly used in relation to mounting or exporting
|
||||
directory trees as @dfn{network file systems} (NFS).
|
||||
|
||||
@subsubheading RPC Bind Service
|
||||
@cindex rpcbind
|
||||
|
||||
The @code{(gnu services nfs)} module provides the following:
|
||||
The RPC Bind service provides a facility to map program numbers into
|
||||
universal addresses.
|
||||
Many NFS related services use this facility. Hence it is automatically
|
||||
started when a dependent service starts.
|
||||
|
||||
@defvr {Scheme Variable} rpcbind-service-type
|
||||
A service type for the RPC portmapper daemon.
|
||||
|
@ -10394,6 +10403,91 @@ instance.
|
|||
@end table
|
||||
@end deftp
|
||||
|
||||
|
||||
@subsubheading Pipefs Pseudo File System
|
||||
@cindex pipefs
|
||||
@cindex rpc_pipefs
|
||||
|
||||
The pipefs file system is used to transfer NFS related data
|
||||
between the kernel and user space programs.
|
||||
|
||||
@defvr {Scheme Variable} pipefs-service-type
|
||||
A service type for the pipefs pseudo file system.
|
||||
@end defvr
|
||||
|
||||
@deftp {Data Type} pipefs-configuration
|
||||
Data type representing the configuration of the pipefs pseudo file system service.
|
||||
This type has the following parameters:
|
||||
@table @asis
|
||||
@item @code{mount-point} (default: @code{"/var/lib/nfs/rpc_pipefs"})
|
||||
The directory to which the file system is to be attached.
|
||||
@end table
|
||||
@end deftp
|
||||
|
||||
|
||||
@subsubheading GSS Daemon Service
|
||||
@cindex GSSD
|
||||
@cindex GSS
|
||||
@cindex global security system
|
||||
|
||||
The @dfn{global security system} (GSS) daemon provides strong security for RPC
|
||||
based protocols.
|
||||
Before exchanging RPC requests an RPC client must establish a security
|
||||
context. Typically this is done using the Kerberos command @command{kinit}
|
||||
or automatically at login time using PAM services.
|
||||
|
||||
@defvr {Scheme Variable} gss-service-type
|
||||
A service type for the Global Security System (GSS) daemon.
|
||||
@end defvr
|
||||
|
||||
@deftp {Data Type} gss-configuration
|
||||
Data type representing the configuration of the GSS daemon service.
|
||||
This type has the following parameters:
|
||||
@table @asis
|
||||
@item @code{nfs-utils} (default: @code{nfs-utils})
|
||||
The package in which the @command{rpc.gssd} command is to be found.
|
||||
|
||||
@item @code{pipefs-directory} (default: @code{"/var/lib/nfs/rpc_pipefs"})
|
||||
The directory where the pipefs file system is mounted.
|
||||
|
||||
@end table
|
||||
@end deftp
|
||||
|
||||
|
||||
@subsubheading IDMAP Daemon Service
|
||||
@cindex idmapd
|
||||
@cindex name mapper
|
||||
|
||||
The idmap daemon service provides mapping between user IDs and user names.
|
||||
Typically it is required in order to access file systems mounted via NFSv4.
|
||||
|
||||
@defvr {Scheme Variable} idmap-service-type
|
||||
A service type for the Identity Mapper (IDMAP) daemon.
|
||||
@end defvr
|
||||
|
||||
@deftp {Data Type} idmap-configuration
|
||||
Data type representing the configuration of the IDMAP daemon service.
|
||||
This type has the following parameters:
|
||||
@table @asis
|
||||
@item @code{nfs-utils} (default: @code{nfs-utils})
|
||||
The package in which the @command{rpc.idmapd} command is to be found.
|
||||
|
||||
@item @code{pipefs-directory} (default: @code{"/var/lib/nfs/rpc_pipefs"})
|
||||
The directory where the pipefs file system is mounted.
|
||||
|
||||
@item @code{domain} (default: @code{#f})
|
||||
The local NFSv4 domain name.
|
||||
This must be a string or @code{#f}.
|
||||
If it is @code{#f} then the daemon will use the host's fully qualified domain name.
|
||||
|
||||
@end table
|
||||
@end deftp
|
||||
|
||||
|
||||
@node Miscellaneous Services
|
||||
@subsubsection Miscellaneous Services
|
||||
|
||||
|
||||
@cindex lirc
|
||||
@subsubheading Lirc Service
|
||||
|
||||
|
|
|
@ -20,11 +20,31 @@ (define-module (gnu services nfs)
|
|||
#:use-module (gnu)
|
||||
#:use-module (gnu services shepherd)
|
||||
#:use-module (gnu packages onc-rpc)
|
||||
#:use-module (gnu packages linux)
|
||||
#:use-module (guix)
|
||||
#:use-module (guix records)
|
||||
#:use-module (ice-9 match)
|
||||
#:use-module (gnu build file-systems)
|
||||
#:export (rpcbind-service-type
|
||||
rpcbind-configuration
|
||||
rpcbind-configuration?))
|
||||
rpcbind-configuration?
|
||||
|
||||
pipefs-service-type
|
||||
pipefs-configuration
|
||||
pipefs-configuration?
|
||||
|
||||
idmap-service-type
|
||||
idmap-configuration
|
||||
idmap-configuration?
|
||||
|
||||
gss-service-type
|
||||
gss-configuration
|
||||
gss-configuration?))
|
||||
|
||||
|
||||
(define default-pipefs-directory "/var/lib/nfs/rpc_pipefs")
|
||||
|
||||
|
||||
|
||||
(define-record-type* <rpcbind-configuration>
|
||||
rpcbind-configuration make-rpcbind-configuration
|
||||
|
@ -52,3 +72,110 @@ (define rpcbind-command
|
|||
|
||||
(start #~(make-forkexec-constructor #$rpcbind-command))
|
||||
(stop #~(make-kill-destructor))))))
|
||||
|
||||
|
||||
|
||||
(define-record-type* <pipefs-configuration>
|
||||
pipefs-configuration make-pipefs-configuration
|
||||
pipefs-configuration?
|
||||
(mount-point pipefs-configuration-mount-point
|
||||
(default default-pipefs-directory)))
|
||||
|
||||
(define pipefs-service-type
|
||||
(shepherd-service-type
|
||||
'pipefs
|
||||
(lambda (config)
|
||||
(define pipefs-directory (pipefs-configuration-mount-point config))
|
||||
|
||||
(shepherd-service
|
||||
(documentation "Mount the pipefs pseudo filesystem.")
|
||||
(provision '(rpc-pipefs))
|
||||
|
||||
(start #~(lambda ()
|
||||
(mkdir-p #$pipefs-directory)
|
||||
(mount "rpc_pipefs" #$pipefs-directory "rpc_pipefs")
|
||||
(member #$pipefs-directory (mount-points))))
|
||||
|
||||
(stop #~(lambda (pid . args)
|
||||
(umount #$pipefs-directory MNT_DETACH)
|
||||
(not (member #$pipefs-directory (mount-points)))))))))
|
||||
|
||||
|
||||
|
||||
(define-record-type* <gss-configuration>
|
||||
gss-configuration make-gss-configuration
|
||||
gss-configuration?
|
||||
(pipefs-directory gss-configuration-pipefs-directory
|
||||
(default default-pipefs-directory))
|
||||
(nfs-utils gss-configuration-gss
|
||||
(default nfs-utils)))
|
||||
|
||||
(define gss-service-type
|
||||
(shepherd-service-type
|
||||
'gss
|
||||
(lambda (config)
|
||||
(define nfs-utils
|
||||
(gss-configuration-gss config))
|
||||
|
||||
(define pipefs-directory
|
||||
(gss-configuration-pipefs-directory config))
|
||||
|
||||
(define gss-command
|
||||
#~(list (string-append #$nfs-utils "/sbin/rpc.gssd") "-f"
|
||||
"-p" #$pipefs-directory))
|
||||
|
||||
(shepherd-service
|
||||
(documentation "Start the RPC GSS daemon.")
|
||||
(requirement '(rpcbind-daemon rpc-pipefs))
|
||||
(provision '(gss-daemon))
|
||||
|
||||
(start #~(make-forkexec-constructor #$gss-command))
|
||||
(stop #~(make-kill-destructor))))))
|
||||
|
||||
|
||||
|
||||
(define-record-type* <idmap-configuration>
|
||||
idmap-configuration make-idmap-configuration
|
||||
idmap-configuration?
|
||||
(pipefs-directory idmap-configuration-pipefs-directory
|
||||
(default default-pipefs-directory))
|
||||
(domain idmap-configuration-domain
|
||||
(default #f))
|
||||
(nfs-utils idmap-configuration-idmap
|
||||
(default nfs-utils)))
|
||||
|
||||
(define idmap-service-type
|
||||
(shepherd-service-type
|
||||
'idmap
|
||||
(lambda (config)
|
||||
|
||||
(define nfs-utils
|
||||
(idmap-configuration-idmap config))
|
||||
|
||||
(define pipefs-directory
|
||||
(idmap-configuration-pipefs-directory config))
|
||||
|
||||
(define domain (idmap-configuration-domain config))
|
||||
|
||||
(define (idmap-config-file config)
|
||||
(plain-file "idmapd.conf"
|
||||
(string-append
|
||||
"\n[General]\n"
|
||||
(if domain
|
||||
(format #f "Domain = ~a\n" domain))
|
||||
"\n[Mapping]\n"
|
||||
"Nobody-User = nobody\n"
|
||||
"Nobody-Group = nogroup\n")))
|
||||
|
||||
(define idmap-command
|
||||
#~(list (string-append #$nfs-utils "/sbin/rpc.idmapd") "-f"
|
||||
"-p" #$pipefs-directory
|
||||
"-c" #$(idmap-config-file config)))
|
||||
|
||||
(shepherd-service
|
||||
(documentation "Start the RPC IDMAP daemon.")
|
||||
(requirement '(rpcbind-daemon rpc-pipefs))
|
||||
(provision '(idmap-daemon))
|
||||
(start #~(make-forkexec-constructor #$idmap-command))
|
||||
(stop #~(make-kill-destructor))))))
|
||||
|
||||
|
|
Loading…
Reference in a new issue