summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob L. Kreuze <zerodaysfordays@sdf.lonestar.org>2019-08-15 12:09:11 -0400
committerChristopher Lemmer Webber <cwebber@dustycloud.org>2019-08-16 08:47:28 -0400
commit4cc5e5204b503afb4536a1e93e2fd7a9f57f12bf (patch)
tree6e7adba5c05a3c40ccd7687b56613a5474b60d8f
parentddef146b894a1b1158b56bad72ca265537a55764 (diff)
machine: Use 'become-command'.
* gnu/machine/ssh.scm (managed-host-remote-eval): Pass an appropriate 'become-command' to 'remote-eval'. * guix/ssh.scm (remote-authorize-signing-key): Add optional 'become-command' argument. All callers changed.
-rw-r--r--gnu/machine/ssh.scm7
-rw-r--r--guix/ssh.scm5
2 files changed, 8 insertions, 4 deletions
diff --git a/gnu/machine/ssh.scm b/gnu/machine/ssh.scm
index ac3aa3e370..aafe0ccf41 100644
--- a/gnu/machine/ssh.scm
+++ b/gnu/machine/ssh.scm
@@ -126,7 +126,9 @@ an environment type of 'managed-host."
#:build-locally?
(machine-ssh-configuration-build-locally? config)
#:system
- (machine-ssh-configuration-system config))))
+ (machine-ssh-configuration-system config)
+ #:become-command
+ (machine-become-command machine))))
;;;
@@ -377,7 +379,8 @@ have you run 'guix archive --generate-key?'")
(lambda (port)
(string->canonical-sexp
(get-string-all port))))
- (machine-ssh-session machine)))
+ (machine-ssh-session machine)
+ (machine-become-command machine)))
(mlet %store-monad ((_ (check-deployment-sanity machine))
(boot-parameters (machine-boot-parameters machine)))
(let* ((os (machine-operating-system machine))
diff --git a/guix/ssh.scm b/guix/ssh.scm
index 24834c6f68..7bc499a2fe 100644
--- a/guix/ssh.scm
+++ b/guix/ssh.scm
@@ -302,7 +302,7 @@ the machine on the other end of SESSION."
(inferior-remote-eval '(begin (use-modules (guix utils)) (%current-system))
session))
-(define (remote-authorize-signing-key key session)
+(define* (remote-authorize-signing-key key session #:optional become-command)
"Send KEY, a canonical sexp containing a public key, over SESSION and add it
to the system ACL file if it has not yet been authorized."
(inferior-remote-eval
@@ -321,7 +321,8 @@ to the system ACL file if it has not yet been authorized."
(mkdir-p (dirname %acl-file))
(with-atomic-file-output %acl-file
(cut write-acl acl <>)))))
- session))
+ session
+ become-command))
(define* (send-files local files remote
#:key