I am trying to add Kippo [1] (SSH honeypot) to NixOS. The executable is actually just a script that runs twisted with some arguments. The first problem was with things like log files, filesystems, pids, etc, being read only. I have been able to get past that by placing some of it in /var. Some hardcoded paths in the source are fixed using substituteInPlace. I'm not sure if this is the last problem, but I some logs [2] suggest it is related to the comment located in python-packages.nix:
# Generate Twisted's plug-in cache. Twited users must do it as well. See 6724 # http://twistedmatrix.com/documents/current/core/howto/plugin.html#auto3 6725 # and http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477103 for 6726 # details. 6727 postInstall = "$out/bin/twistd --help > /dev/null"; I have attempted something similar and looked at the nevow package which seems to have a similar dependency, but this doesn't seem to be working. I guess another way to approach the problem is to not even consider Kippo: are there any other medium to high interaction SSH honeypot solutions? Perhaps leveraging some NixOS specific tools? a VM? Create an expression of a simple build, build-vm, then route traffic to it? but I don't know the specifics about the security and preventing information and my Nix store from being read. -Tom [1] https://code.google.com/p/kippo/ [2] twistd[11962]: exceptions.OSError: [Errno 30] Read-only file system: '/nix/store/xsy4qrw8r77hbl6ncd8hz6xd743kvisi-python2.7-twisted-10.2.0/lib/python2.7/site-packages/Twisted-10.2.0-py2.7-linux-x86_64.egg/twisted/plugins/6XC4rz_Y6ka_p9v-dropin.cache.new' and in the twistd log itself, this is the last entry: twistd 10.2.0 (/nix/store/1i5rd0mp4x57gzjii9z2pg3mjgzj95q6-python-2.7.5/bin/python2.7 2.7.5) starting up. reactor class: twisted.internet.selectreactor.SelectReactor. _______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev