From 0cc9a752dc9cdb185eef48af6dd6dc17a205bf7d Mon Sep 17 00:00:00 2001 From: Alexander von Gluck IV Date: Thu, 15 Dec 2022 19:47:55 -0600 Subject: [PATCH] gce_oslogin: Add experimental gce_oslogin tools * This in theory will allow Haiku running in Google Compute Engine to authenticate users via the SSH public keys specified by GCE * This is experimental. GCE users likely need hand-created in Haiku before being able to login via ssh. (We don't have NSS to automate this) --- .../gce-oslogin/gce_oslogin-20221110~1.recipe | 54 ++++++++++++ .../patches/gce_oslogin-20221110.patchset | 84 +++++++++++++++++++ 2 files changed, 138 insertions(+) create mode 100644 net-misc/gce-oslogin/gce_oslogin-20221110~1.recipe create mode 100644 net-misc/gce-oslogin/patches/gce_oslogin-20221110.patchset diff --git a/net-misc/gce-oslogin/gce_oslogin-20221110~1.recipe b/net-misc/gce-oslogin/gce_oslogin-20221110~1.recipe new file mode 100644 index 000000000..3492dd4d3 --- /dev/null +++ b/net-misc/gce-oslogin/gce_oslogin-20221110~1.recipe @@ -0,0 +1,54 @@ +SUMMARY="Enables oslogin functionality when Haiku is run on GCE" +DESCRIPTION="Google os-login allows Google Compute Engine to manage authorization \ +of users to virtual machines via Google's api metadata server. This tool is only \ +useful on Haiku running within Google Compute Engine instances. This tool is also extremely \ +limited as the GCE username must be manually created on the Haiku instance prior to logging in \ +via ssh (Haiku has no NSS to read network users from GCE). \ +Post-install, sshd_config needs AuthorizedKeysCommand adjusted." + +HOMEPAGE="http://www.github.com/GoogleCloudPlatform/guest-oslogin" +COPYRIGHT="2020 Google Inc." +LICENSE="Apache v2" +REVISION="1" +SOURCE_URI="https://github.com/GoogleCloudPlatform/guest-oslogin/archive/refs/tags/20221110.00.tar.gz" +CHECKSUM_SHA256="8d8b495a35f7c55308ca0adf03a8470dc4c38eaadc5e09bb27ea551589cbf494" +SOURCE_DIR="guest-oslogin-20221110.00" +PATCHES="gce_oslogin-20221110.patchset" + +ARCHITECTURES="all" + +PROVIDES=" + gce_oslogin = $portVersion + cmd:google_authorized_keys = $portVersion + " +REQUIRES=" + haiku + cmd:make + cmd:gcc + lib:libcurl$secondaryArchSuffix + lib:libjson_c$secondaryArchSuffix + " +BUILD_REQUIRES=" + haiku_devel + devel:libcurl$secondaryArchSuffix + devel:libjson_c$secondaryArchSuffix + " +BUILD_PREREQUIRES=" + cmd:gcc + cmd:make + cmd:pkg_config + " +BUILD() +{ + cd src + make google_authorized_keys $jobArgs +} + +INSTALL() +{ + # To be useful, sshd_config needs 'AuthorizedKeysCommand: /boot/system/bin/google_authorized_keys' + # We might consider making a sshd_config.d? + install -d -m 755 "$binDir" "$docDir" + install -t "$docDir" -m 644 README.md + install -t "$binDir" -m 755 src/google_authorized_keys +} diff --git a/net-misc/gce-oslogin/patches/gce_oslogin-20221110.patchset b/net-misc/gce-oslogin/patches/gce_oslogin-20221110.patchset new file mode 100644 index 000000000..b0c270168 --- /dev/null +++ b/net-misc/gce-oslogin/patches/gce_oslogin-20221110.patchset @@ -0,0 +1,84 @@ +From 6e929eff5a8e82942400d52488ff505b5baa2d11 Mon Sep 17 00:00:00 2001 +From: Alexander von Gluck IV +Date: Thu, 8 Dec 2022 14:38:03 +0000 +Subject: [PATCH 1/2] makefile: Don't assume json-c header path + +--- + src/Makefile | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/Makefile b/src/Makefile +index f525bbe..ba6f5fa 100644 +--- a/src/Makefile ++++ b/src/Makefile +@@ -1,7 +1,9 @@ + SHELL = /bin/sh + TOPDIR = $(realpath ..) + +-CPPFLAGS = -Iinclude -I/usr/include/json-c ++CPPFLAGS = -Iinclude ++CPPFLAGS += $(shell pkg-config --cflags json-c) ++ + FLAGS = -fPIC -Wall -g + CFLAGS = $(FLAGS) -Wstrict-prototypes + CXXFLAGS = $(FLAGS) +-- +2.37.3 + +From 78c4560a84430ac404a913b6b96375c42bd9c272 Mon Sep 17 00:00:00 2001 +From: Alexander von Gluck IV +Date: Thu, 8 Dec 2022 14:43:03 +0000 +Subject: [PATCH 2/2] haiku: Add Haiku support + +* This is enough to compile a google_authorized_keys for sshd +--- + src/include/compat.h | 18 +++++++++++++++++- + src/oslogin_utils.cc | 2 ++ + 2 files changed, 19 insertions(+), 1 deletion(-) + +diff --git a/src/include/compat.h b/src/include/compat.h +index 8585a95..15600ca 100644 +--- a/src/include/compat.h ++++ b/src/include/compat.h +@@ -15,7 +15,23 @@ + #ifndef OSLOGIN_COMPAT_H + #define OSLOGIN_COMPAT_H + +-#ifdef __FreeBSD__ ++#ifdef __HAIKU__ ++ ++#warning Haiku has no NSS ++#define DEFAULT_SHELL "/bin/bash" ++#define DEFAULT_PASSWD "x" ++ ++#define PASSWD_PATH "/etc/passwd" ++ ++#define OSLOGIN_PASSWD_CACHE_PATH "/etc/oslogin_passwd.cache" ++#define OSLOGIN_GROUP_CACHE_PATH "/etc/oslogin_group.cache" ++ ++#define K_DEFAULT_PFILE_PATH "/etc/oslogin_passwd.cache" ++#define K_DEFAULT_BACKUP_PFILE_PATH "/etc/oslogin_passwd.cache.bak" ++#define K_DEFAULT_GFILE_PATH "/etc/oslogin_group.cache" ++#define K_DEFAULT_BACKUP_GFILE_PATH "/etc/oslogin_group.cache.bak" ++ ++#elif __FreeBSD__ + + #include + +diff --git a/src/oslogin_utils.cc b/src/oslogin_utils.cc +index 8fe511c..609dbf7 100644 +--- a/src/oslogin_utils.cc ++++ b/src/oslogin_utils.cc +@@ -18,7 +18,9 @@ + #include + #include + #include ++#ifndef __HAIKU__ + #include ++#endif + #include + #include + #include +-- +2.37.3 +