services: openssh: Collect all keys for all users.

Fixes <https://issues.guix.gnu.org/51487> * gnu/services/ssh.scm (extend-openssh-authorized-keys): ensure that no key is forgotten. Co-authored-by: Ludovic Courtès <ludo@gnu.org>
author: Vivien Kraus <vivien@planete-kraus.eu> 2021-10-29 18:25:24 +0200
committer: Ludovic Courtès <ludo@gnu.org> 2021-11-16 14:34:28 +0100
commit: b4b2bbf4fb74c9f3e93d64863ab9b38957494b49 (patch)
tree: fee6623ece604f85e7f1763a94b3a13dd9e268cf
parent: b2f81865905e87f859ca82ca40877623cda38a69 (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/gnu/services/ssh.scm b/gnu/services/ssh.scm
index a018052eeb..e7bc6100f6 100644
--- a/gnu/services/ssh.scm
+++ b/gnu/services/ssh.scm
@@ -39,6 +39,7 @@
   #:use-module (srfi srfi-1)
   #:use-module (srfi srfi-26)
   #:use-module (ice-9 match)
+  #:use-module (ice-9 vlist)
   #:export (lsh-configuration
             lsh-configuration?
             lsh-service
@@ -535,7 +536,15 @@ of user-name/file-like tuples."
   (openssh-configuration
    (inherit config)
    (authorized-keys
-    (append (openssh-authorized-keys config) keys))))
+    (match (openssh-authorized-keys config)
+      (((users _ ...) ...)
+       ;; Build a user/key-list mapping.
+       (let ((user-keys (alist->vhash (openssh-authorized-keys config))))
+         ;; Coalesce the key lists associated with each user.
+         (map (lambda (user)
+                `(,user
+                  ,@(concatenate (vhash-fold* cons '() user user-keys))))
+              users)))))))
 
 (define openssh-service-type
   (service-type (name 'openssh)
author	Vivien Kraus <vivien@planete-kraus.eu>	2021-10-29 18:25:24 +0200
committer	Ludovic Courtès <ludo@gnu.org>	2021-11-16 14:34:28 +0100
commit	b4b2bbf4fb74c9f3e93d64863ab9b38957494b49 (patch)
tree	fee6623ece604f85e7f1763a94b3a13dd9e268cf
parent	b2f81865905e87f859ca82ca40877623cda38a69 (diff)