ssh-tpm-agent: match the upstream systemd units

2025-11-08 11:36:05 +01:00 · 2025-08-12 07:36:39 +02:00 · 2025-08-12 07:36:39 +02:00 · 0d1e116e4f
commit 0d1e116e4f
parent 3a5136d8dd
3 changed files with 5 additions and 18 deletions
--- a/modules/services/ssh-tpm-agent.nix
+++ b/modules/services/ssh-tpm-agent.nix
@ -74,7 +74,6 @@ in
            Documentation = "https://github.com/Foxboron/ssh-tpm-agent";
            Requires = [ "ssh-tpm-agent.socket" ];
            After = [ "ssh-tpm-agent.socket" ];
-            RefuseManualStart = true;
          };
          Service = {
            Environment = "SSH_TPM_AUTH_SOCK=%t/ssh-tpm-agent.sock";
@ -82,7 +81,7 @@ in
              let
                inherit (config.services) ssh-agent;
              in
-              "${lib.getExe cfg.package} -l %t/ssh-tpm-agent.sock"
+              (lib.getExe cfg.package)
              + lib.optionalString (cfg.keyDir != null) " --key-dir ${cfg.keyDir}"
              + lib.optionalString ssh-agent.enable " -A %t/${ssh-agent.socket}";
            SuccessExitStatus = 2;
@ -102,18 +101,12 @@ in
          Description = "SSH TPM agent socket";
          Documentation = "https://github.com/Foxboron/ssh-tpm-agent";
        };
-
        Socket = {
          ListenStream = "%t/ssh-tpm-agent.sock";
-          RuntimeDirectory = "ssh-tpm-agent";
-          SocketMode = "0600";
-          DirectoryMode = "0700";
          Service = "ssh-tpm-agent.service";
+          SocketMode = "0600";
        };
-
-        Install = {
-          WantedBy = [ "sockets.target" ];
-        };
+        Install.WantedBy = [ "sockets.target" ];
      };
    };
  };
--- a/tests/modules/services/ssh-tpm-agent/as-ssh-agent-proxy.nix
+++ b/tests/modules/services/ssh-tpm-agent/as-ssh-agent-proxy.nix
@ -17,7 +17,7 @@
    assertFileContent $serviceFile ${builtins.toFile "expected-service" ''
      [Service]
      Environment=SSH_TPM_AUTH_SOCK=%t/ssh-tpm-agent.sock
-      ExecStart=@ssh-tpm-agent@/bin/dummy -l %t/ssh-tpm-agent.sock -A %t/ssh-agent
+      ExecStart=@ssh-tpm-agent@/bin/dummy -A %t/ssh-agent
      SuccessExitStatus=2
      Type=simple

@ -27,7 +27,6 @@
      BindsTo=ssh-agent.service
      Description=ssh-tpm-agent service
      Documentation=https://github.com/Foxboron/ssh-tpm-agent
-      RefuseManualStart=yes
      Requires=ssh-tpm-agent.socket
    ''}

@ -36,9 +35,7 @@
      WantedBy=sockets.target

      [Socket]
-      DirectoryMode=0700
      ListenStream=%t/ssh-tpm-agent.sock
-      RuntimeDirectory=ssh-tpm-agent
      Service=ssh-tpm-agent.service
      SocketMode=0600

--- a/tests/modules/services/ssh-tpm-agent/standalone.nix
+++ b/tests/modules/services/ssh-tpm-agent/standalone.nix
@ -16,7 +16,7 @@
    assertFileContent $serviceFile ${builtins.toFile "expected-service" ''
      [Service]
      Environment=SSH_TPM_AUTH_SOCK=%t/ssh-tpm-agent.sock
-      ExecStart=@ssh-tpm-agent@/bin/dummy -l %t/ssh-tpm-agent.sock
+      ExecStart=@ssh-tpm-agent@/bin/dummy
      SuccessExitStatus=2
      Type=simple

@ -24,7 +24,6 @@
      After=ssh-tpm-agent.socket
      Description=ssh-tpm-agent service
      Documentation=https://github.com/Foxboron/ssh-tpm-agent
-      RefuseManualStart=true
      Requires=ssh-tpm-agent.socket
    ''}

@ -33,9 +32,7 @@
      WantedBy=sockets.target

      [Socket]
-      DirectoryMode=0700
      ListenStream=%t/ssh-tpm-agent.sock
-      RuntimeDirectory=ssh-tpm-agent
      Service=ssh-tpm-agent.service
      SocketMode=0600