summary refs log tree commit diff
diff options
context:
space:
mode:
authormuradm <mail@muradm.net>2023-05-13 21:38:00 +0300
committerMaxim Cournoyer <maxim.cournoyer@gmail.com>2023-05-23 20:26:19 -0400
commite02584b456a3f9c00b303ef4815d892a47edc2e6 (patch)
treeee74372a513d76089dc2a8caac3e58995da4256f
parent297ba5c15a32845ab8514aeb6f405ebd4290142d (diff)
downloadguix-e02584b456a3f9c00b303ef4815d892a47edc2e6.tar.gz
services: cups: Add cups PAM service.
Fixes <https://issues.guix.gnu.org/63198>.

Have the CUPS service extend pam-root-service-type providing minimal
configuration to authenticate users.  Since PAM authentication is provided,
the regular cups package can be used as default instead of the minimal,
PAM-lacking variant.

* gnu/services/cups.scm (cups-configuration)
[cups]: Replace cups-minimal with cups.
[allow-empty-password?]: PAM service configuration permitting empty passwords.
(opaque-cups-configuration): Likewise.
(cups-pam-service): New procedure.
(cups-service-type): Extend pam-root-service-type with cups-pam-service.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
-rw-r--r--gnu/services/cups.scm22
1 files changed, 20 insertions, 2 deletions
diff --git a/gnu/services/cups.scm b/gnu/services/cups.scm
index c6099d77e7..d95c38b4d9 100644
--- a/gnu/services/cups.scm
+++ b/gnu/services/cups.scm
@@ -5,6 +5,7 @@
 ;;; Copyright © 2019 Alex Griffin <a@ajgrf.com>
 ;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
+;;; Copyright © 2023 muradm <mail@muradm.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -25,6 +26,7 @@
   #:use-module (gnu services)
   #:use-module (gnu services shepherd)
   #:use-module (gnu services configuration)
+  #:use-module (gnu system pam)
   #:use-module (gnu system shadow)
   #:use-module (gnu packages admin)
   #:use-module (gnu packages cups)
@@ -500,8 +502,11 @@ programs.")
 
 (define-configuration cups-configuration
   (cups
-   (file-like cups-minimal)
+   (file-like cups)
    "The CUPS package.")
+  (allow-empty-password?
+   (boolean #f)
+   "Specifies whether empty passwords will be allowed when authenticating via PAM.")
   (extensions
    (package-list (list brlaser cups-filters epson-inkjet-printer-escpr
                        foomatic-filters hplip-minimal splix))
@@ -841,8 +846,11 @@ IPP specifications.")
 
 (define-configuration opaque-cups-configuration
   (cups
-   (package cups-minimal)
+   (package cups)
    "The CUPS package.")
+  (allow-empty-password?
+   (boolean #f)
+   "Specifies whether empty passwords will be allowed when authenticating via PAM.")
   (extensions
    (package-list '())
    "Drivers and other extensions to the CUPS package.")
@@ -1006,6 +1014,14 @@ extensions that it uses."
                            "-f" "-c" #$cupsd.conf "-s" #$cups-files.conf)))
            (stop #~(make-kill-destructor))))))
 
+(define (cups-pam-service config)
+  (let ((allow-empty-password?
+         (if (opaque-cups-configuration? config)
+             (opaque-cups-configuration-allow-empty-password? config)
+             (cups-configuration-allow-empty-password? config))))
+    (list (unix-pam-service "cups"
+                            #:allow-empty-passwords? allow-empty-password?))))
+
 (define cups-service-type
   (service-type (name 'cups)
                 (extensions
@@ -1013,6 +1029,8 @@ extensions that it uses."
                                           cups-shepherd-service)
                        (service-extension activation-service-type
                                           (const %cups-activation))
+                       (service-extension pam-root-service-type
+                                          cups-pam-service)
                        (service-extension account-service-type
                                           (const %cups-accounts))))