diff options
author | muradm <mail@muradm.net> | 2022-07-22 07:09:54 +0300 |
---|---|---|
committer | Liliana Marie Prikler <liliana.prikler@gmail.com> | 2022-08-26 18:48:37 +0200 |
commit | d1815a68ea48b0015d1beda423d4b2879d29d9ea (patch) | |
tree | fef6b03cfafd1a53b87562f52e5f1b3a161797e1 /gnu/services | |
parent | de2f419618b9929cf65b477568f21bc77e218b70 (diff) | |
download | guix-d1815a68ea48b0015d1beda423d4b2879d29d9ea.tar.gz |
gnu: seatd-service-type: Use seat group.
* gnu/services/desktop.scm (seatd-group-sanitizer): New variable. (<seatd-configuration>)[user]: Removed field. [group]: Changed to "seat". Sanitize via seatd-group-sanitizer. (seatd-accounts): New variable. (seatd-environment): Adjust to <seatd-configuration> ABI. (seatd-service-type)[extensions]: Add account-service-type with seatd-accounts. * gnu/tests/desktop.scm (run-minimal-desktop-test): Check for correct ownership of $SEATD_SOCK. * doc/guix.texi ("Desktop Services")[seatd-service-type]: Mention that users may need to become members of the "seat" group. Update default value for group field. Add explanation on seatd.sock file. Remove dropped user field.
Diffstat (limited to 'gnu/services')
-rw-r--r-- | gnu/services/desktop.scm | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index f891d1b5cc..f60365abac 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -13,7 +13,7 @@ ;;; Copyright © 2020 Tobias Geerinckx-Rice <me@tobias.gr> ;;; Copyright © 2020 Reza Alizadeh Majd <r.majd@pantherx.org> ;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re> -;;; Copyright © 2021 muradm <mail@muradm.net> +;;; Copyright © 2021, 2022 muradm <mail@muradm.net> ;;; ;;; This file is part of GNU Guix. ;;; @@ -69,6 +69,7 @@ #:use-module (guix records) #:use-module (guix packages) #:use-module (guix store) + #:use-module (guix ui) #:use-module (guix utils) #:use-module (guix gexp) #:use-module (srfi srfi-1) @@ -1643,12 +1644,19 @@ or setting its password with passwd."))) ;;; seatd-service-type -- minimal seat management daemon ;;; +(define (seatd-group-sanitizer group-or-name) + (match group-or-name + ((? user-group? group) group) + ((? string? group-name) (user-group (name group-name) (system? #t))) + (_ (leave (G_ "seatd: '~a' is not a valid group~%") group-or-name)))) + (define-record-type* <seatd-configuration> seatd-configuration make-seatd-configuration seatd-configuration? (seatd seatd-package (default seatd)) - (user seatd-user (default "root")) - (group seatd-group (default "users")) + (group seatd-group ; string | <user-group> + (default "seat") + (sanitize seatd-group-sanitizer)) (socket seatd-socket (default "/run/seatd.sock")) (logfile seatd-logfile (default "/var/log/seatd.log")) (loglevel seatd-loglevel (default "info"))) @@ -1662,8 +1670,7 @@ or setting its password with passwd."))) (provision '(seatd elogind)) (start #~(make-forkexec-constructor (list #$(file-append (seatd-package config) "/bin/seatd") - "-u" #$(seatd-user config) - "-g" #$(seatd-group config)) + "-g" #$(user-group-name (seatd-group config))) #:environment-variables (list (string-append "SEATD_LOGLEVEL=" #$(seatd-loglevel config)) @@ -1672,9 +1679,12 @@ or setting its password with passwd."))) #:log-file #$(seatd-logfile config))) (stop #~(make-kill-destructor))))) +(define seatd-accounts + (match-lambda (($ <seatd-configuration> _ group) (list group)))) + (define seatd-environment (match-lambda - (($ <seatd-configuration> _ _ _ socket) + (($ <seatd-configuration> _ _ socket) `(("SEATD_SOCK" . ,socket))))) (define seatd-service-type @@ -1685,6 +1695,7 @@ to shared devices (graphics, input), without requiring the applications needing access to be root.") (extensions (list + (service-extension account-service-type seatd-accounts) (service-extension session-environment-service-type seatd-environment) ;; TODO: once cgroups is separate dependency we should not mount it here ;; for now it is mounted here, because elogind mounts it |