Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] nixos: support MOTDs with dynamic update #37602

Closed
wants to merge 1 commit into from
Closed

[WIP] nixos: support MOTDs with dynamic update #37602

wants to merge 1 commit into from

Conversation

thoughtpolice
Copy link
Member

@thoughtpolice thoughtpolice commented Mar 21, 2018
edited
Loading

NOTE: Current WIP, and needs real testing. This is just to get review input/make sure it doesn't get lost.

Modifying pam causes a chain that implies a heavy rebuild for nixos-rebuild, so punting this to staging.

Motivation for this change

I would like to start headless machines services such as Nginx that can direct logged in users to access them through their IP address or domain name.

In order to do this, I need to run a script dynamically, and I would like PAM to output this as part of the MOTD upon running login or the user SSH'ing in -- e.g. by running ifconfig or ip. But in order to do this, I must dynamically run a script which will perform some action (for example, cat a file, run ifconfig, or even wait for a systemd service to start and check something).

This patchset adds support to the pam package and pam NixOS module to allow the config.users.motd option to represent a dynamic script to be run.

The original patchset is heavily based on the original patchset adding this feature, which is not available upstream, courtesy of the Debian/Ubuntu maintainers (I took this from the Ubuntu Launchpad package). This patchset executes a single script named /etc/update-motd, which outputs to /run/motd.dynamic, which is then read by the module after execution.

This patchset is not exactly the same as the original patchset. In particular, the original one runs a set of scripts using run-parts. However, this is based on LSB-style ordering which doesn't easily apply here; furthermore it's expected dynamic MOTDs are 'globally managed' and ordered, but this doesn't feel right with NixOS modules (e.g. if I import a module, does its dynamic script run first or second?) Second, MOTDs are something best set by the user anyway, so it's probably best to just have a single option for the whole machine.

An alternative to this is to just turn off pam_motd and execute the script as part of /etc/profile or something (which is what happens on Fedora I believe) and have it executed on every shell but this feels hackier and I'm not sure the semantics are precisely the same.

Some things to note:

  • This currently overloads config.users.motd to be either plain text or a script, but that doesn't feel right. Should this change to another option (config.users.motd.script?) with some asserts concerning usage?
  • The documentation needs to be fixed.
  • The man page patch should be changed to point to the NixOS manual, perhaps? Or a new man page. With a small blurb about the semantics of this (see update-motd(5) in Ubuntu)
  • This is untested but I wanted to get it online for review.
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions (Fedora 25 with sandboxing)
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@thoughtpolice thoughtpolice added 0.kind: enhancement Add something new 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 1.severity: mass-rebuild This PR causes a large number of packages to rebuild 2.status: work-in-progress This PR isn't done 8.has: package (update) This PR updates a package to a newer version 8.has: module (update) This PR changes an existing module in `nixos/` 11.by: nixpkgs-member labels Mar 21, 2018
@thoughtpolice thoughtpolice self-assigned this Mar 21, 2018
@matthewbauer matthewbauer added 2.status: work-in-progress This PR isn't done and removed 2.status: work-in-progress This PR isn't done labels Mar 22, 2018
@bobvanderlinden
Copy link
Member

Is this still being worked on?

@thoughtpolice
Copy link
Member Author

thoughtpolice commented Apr 14, 2019
edited
Loading

No. Yes, this feature is still useful and I still want it. It is not implemented. I am not actively working on it, and it is not in any critical path of mine, nor will it be anytime in the near future.

If this is useful to you, feel free to take it over and I'll review any patches for it.

@stale
Copy link

stale bot commented Jun 2, 2020

Thank you for your contributions.
This has been automatically marked as stale because it has had no activity for 180 days.
If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.
Here are suggestions that might help resolve this more quickly:

  1. Search for maintainers and people that previously touched the
    related code and @ mention them in a comment.
  2. Ask on the NixOS Discourse. 3. Ask on the #nixos channel on
    irc.freenode.net.

@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jun 2, 2020
@flokli
Copy link
Contributor

flokli commented Jun 16, 2020

Cross-referencing for visibility: #90640

@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jun 16, 2020
@ryantm ryantm added the 2.status: merge conflict This PR has merge conflicts with the target branch label Oct 3, 2020
@ryantm ryantm marked this pull request as draft October 23, 2020 03:13
@stale
Copy link

stale bot commented Apr 26, 2021

I marked this as stale due to inactivity. → More info

@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Apr 26, 2021
@flokli
Copy link
Contributor

flokli commented Apr 27, 2021

Let's close this for now, we can still keep the branch around if someone wants to pick this up.

@flokli flokli closed this Apr 27, 2021
@kaldonir kaldonir mentioned this pull request Nov 11, 2022
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@thoughtpolice thoughtpolice

Labels
0.kind: enhancement Add something new 1.severity: mass-rebuild This PR causes a large number of packages to rebuild 2.status: merge conflict This PR has merge conflicts with the target branch 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md 2.status: work-in-progress This PR isn't done 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 8.has: package (update) This PR updates a package to a newer version 10.rebuild-darwin: 11-100 10.rebuild-linux: 501+ 11.by: nixpkgs-member
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@thoughtpolice @bobvanderlinden @flokli @ryantm @matthewbauer @GrahamcOfBorg