From aab322d909c0b4abec132ef7aff31c31a1208841 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?=
Date: Mon, 4 Dec 2017 23:31:15 +0100
Subject: install: Don't start sshd by default.

Reported by Christopher Baines at .
* gnu/services/ssh.scm ()[%auto-start?]: New field.
(openssh-shepherd-service): Honor it.
* gnu/system/install.scm (%installation-services): Set '%auto-start?' to #f for openssh-service-type.
---
 gnu/services/ssh.scm | 12 ++++++++++--
 gnu/system/install.scm | 5 ++++-
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index b33ec946c6..301ba74041 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -304,7 +304,14 @@ The other options should be self-descriptive."
 ;; list of user-name/file-like tuples
 (authorized-keys openssh-authorized-keys
- (default '())))
+ (default '()))
+
+ ;; Boolean
+ ;; XXX: This should really be handled in an orthogonal way, for instance as
+ ;; proposed in . Keep it internal/undocumented
+ ;; for now.
+ (%auto-start? openssh-auto-start?
+ (default #t)))
 (define %openssh-accounts (list (user-group (name "sshd") (system? #t))
@@ -445,7 +452,8 @@ of user-name/file-like tuples."
 (provision '(ssh-daemon))
 (start #~(make-forkexec-constructor #$openssh-command #:pid-file #$pid-file))
- (stop #~(make-kill-destructor)))))
+ (stop #~(make-kill-destructor))
+ (auto-start? (openssh-auto-start? config)))))
 (define (openssh-pam-services config) "Return a list of for sshd with CONFIG."
diff --git a/gnu/system/install.scm b/gnu/system/install.scm
index 78f2bf3a13..0dd7688634 100644
--- a/gnu/system/install.scm
+++ b/gnu/system/install.scm
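Review bot: The `;; Boolean` comment on the new `%auto-start?` field (first hunk of gnu/services/ssh.scm) does not say what the flag controls or what a false value means for the daemon. The second hunk only forwards the value to the shepherd service's `auto-start?`, so #f appears to leave the service defined and startable by hand rather than removing it. Because this is a security-relevant toggle, the comment should state that, e.g. `;; Boolean: whether sshd is started at boot; when #f the service is still defined and must be started explicitly.` The record definition and the body of openssh-shepherd-service both begin outside their hunks, so anything else that reads this field is not visible here.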
@@ -264,7 +264,10 @@ You have been warned. Thanks for being so brave.\x1b[0m
 ;; The root account is passwordless, so make sure
 ;; a password is set before allowing logins.
 (allow-empty-passwords? #f)
- (password-authentication? #t)))
+ (password-authentication? #t)
+
+ ;; Don't start it upfront.
+ (%auto-start? #f)))
 ;; Since this is running on a USB stick with a overlayfs as the root
 ;; file system, use an appropriate cache configuration.
-- cgit v1.2.1
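Review bot: The added comment `;; Don't start it upfront.` in gnu/system/install.scm says what is done but not why, and the reason is a security one. The context lines note that root is passwordless on this image. `(allow-empty-passwords? #f)` rejects the empty password, but with `(password-authentication? #t)` a daemon started at boot would still be listening on whatever network the installer joins. I would state the rationale and how to enable the service, e.g. `;; Don't start sshd at boot: root is passwordless on this image. Set a password first, then run 'herd start ssh-daemon'.` The enclosing service list starts and ends outside the hunk, so other openssh settings, such as root-login policy, are not visible here.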