summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--doc/guix.texi7
-rw-r--r--gnu/services/base.scm24
-rw-r--r--gnu/tests/desktop.scm8
3 files changed, 26 insertions, 13 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 0642b83923..7bce8a567c 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -18559,6 +18559,13 @@ the 'root' account has just been created.
 @item @code{terminals} (default: @code{'()})
 List of @code{greetd-terminal-configuration} per terminal for which
 @code{greetd} should be started.
+
+@item @code{greeter-supplementary-groups} (default: @code{'()})
+List of groups which should be added to @code{greeter} user. For instance:
+@lisp
+(greeter-supplementary-groups '("seat" "video"))
+@end lisp
+Note that this example will fail if @code{seat} group does not exist.
 @end table
 @end deftp
 
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 27eae75c46..bb11732de2 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -2918,17 +2918,6 @@ to handle."
      "user = " default-session-user "\n"
      "command = " default-session-command "\n")))
 
-(define %greetd-accounts
-  (list (user-account
-         (name "greeter")
-         (group "greeter")
-         ;; video group is required for graphical greeters.
-         (supplementary-groups '("video"))
-         (system? #t))
-        (user-group
-         (name "greeter")
-         (system? #t))))
-
 (define %greetd-file-systems
   (list (file-system
           (device "none")
@@ -2956,7 +2945,16 @@ to handle."
   greetd-configuration?
   (motd greetd-motd (default %default-motd))
   (allow-empty-passwords? greetd-allow-empty-passwords? (default #t))
-  (terminals greetd-terminals (default '())))
+  (terminals greetd-terminals (default '()))
+  (greeter-supplementary-groups greetd-greeter-supplementary-groups (default '())))
+
+(define (greetd-accounts config)
+  (list (user-group (name "greeter") (system? #t))
+        (user-account
+         (name "greeter")
+         (group "greeter")
+         (supplementary-groups (greetd-greeter-supplementary-groups config))
+         (system? #t))))
 
 (define (make-greetd-pam-mount-conf-file config)
   (computed-file
@@ -3033,7 +3031,7 @@ mount/unmount /run/user/<uid> directory for user and @code{greetd}
 login manager daemon.")
    (extensions
     (list
-     (service-extension account-service-type (const %greetd-accounts))
+     (service-extension account-service-type greetd-accounts)
      (service-extension file-system-service-type (const %greetd-file-systems))
      (service-extension etc-service-type greetd-etc-service)
      (service-extension pam-root-service-type greetd-pam-service)
diff --git a/gnu/tests/desktop.scm b/gnu/tests/desktop.scm
index 6fe6ec21be..95b33da25e 100644
--- a/gnu/tests/desktop.scm
+++ b/gnu/tests/desktop.scm
@@ -122,6 +122,7 @@
     (service seatd-service-type)
     (service greetd-service-type
              (greetd-configuration
+              (greeter-supplementary-groups '("input" "video"))
               (terminals
                (list
                 ;; we can make any terminal active by default
@@ -295,6 +296,13 @@ minimal %BASE-SERVICES."
               (marionette-type "echo alice > /run/user/1000/test\n" marionette)
               (file-get-all-strings "/run/user/1000/test")))
 
+          (test-equal "check greeter user has correct groups"
+            "greeter input video\n"
+            (begin
+              (marionette-type "id -Gn greeter > /run/user/1000/greeter-groups\n"
+                               marionette)
+              (file-get-all-strings "/run/user/1000/greeter-groups")))
+
           (test-assert "screendump"
             (begin
               (marionette-control (string-append "screendump " #$output