Age | Commit message (Collapse) | Author |
|
When the 'stop' method returns a truth value, shepherd interprets it as
potential failure and logs it.
* gnu/system/pam.scm (pam-shepherd-service): Change 'stop' method to
return #f.
|
|
* gnu/system/pam.scm (<pam-extension>): New record type.
(pam-shepherd-service): Add Shepherd synchronization point.
* gnu/services/mail.scm (dovecot-shepherd-service)
* gnu/services/lightdm.scm (lightdm-shepherd-service)
* gnu/services/mail.scm (opensmtpd-shepherd-service)
* gnu/services/sddm.scm (sddm-shepherd-service)
* gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service)
* gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service)
* gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement.
* gnu/system/pam.scm (/etc-entry, extend-configuration,
pam-root-service-type, pam-root-service)
* gnu/services/authentication.scm (pam-ldap-pam-service)
* gnu/services/base.scm (pam-limits-service-type)
(greetd-pam-service)
* gnu/services/desktop.scm (pam-gnome-keyring)
* gnu/services/kerberos.scm (pam-krb5-pam-service)
* gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use
pam-extension.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|
* gnu/packages/patches/linux-pam-unix_chkpwd.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (linux-pam): Use it.
* gnu/system/pam.scm (pam-root-service-type): Add unix_chkpwd to setuid.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
|
|
Fixes <https://issues.guix.gnu.org/52539>.
Reported by Jacob First <jacob.first@member.fsf.org>.
* gnu/build/accounts.scm (allocate-passwd): Add comment as to why
'real-name' is taken from PREVIOUS. Add (not system?) to the
condition.
* gnu/system.scm (operating-system-etc-service) <login.defs>: Add
"CHFN_RESTRICT".
* gnu/system.scm (%setuid-programs): Add "chfn".
* gnu/system/pam.scm (base-pam-services): Add "chfn".
* doc/guix.texi (User Accounts): Document it.
|
|
* gnu/system/pam.scm (unix-pam-service): Add account and session PAM entries
for pam-gnupg. Don't pass "#f" to "allow-root?" argument, because "lambda*"
already does this by default.
* doc/guix.texi (X Window): Document this.
* gnu/services/xorg.scm (<slim-configuration>)[gnupg?]: New record field.
(slim-pam-service): Pass "#:gnupg?" argument to "unix-pam-service".
|
|
* gnu/services/dbus.scm (polkit-service-type)[description]: New field.
* gnu/services/dict.scm (dicod-service-type)[description]: New field.
* gnu/services/dns.scm (knot-service-type)[description]: New field.
* gnu/services/networking.scm (dhcpd-service-type)[description]: New field.
* gnu/services/shepherd.scm (shepherd-root-service-type)[description]:
New field.
* gnu/services/xorg.scm (slim-service-type)[description]: New field.
(screen-locker-service-type)[description]: New field.
* gnu/system/pam.scm (pam-root-service-type)[description]: New field.
* gnu/system/shadow.scm (account-service-type)[description]: New field.
|
|
* gnu/system/pam.scm (unix-pam-service): Add #:login-uid? parameter. In
then 'session' field, add "pam_loginuid.so" as required when LOGIN-UID?
is true.
|
|
* gnu/services/base.scm (environment-variables->environment-file)
(session-environment-service-type)
(session-environment-service): Move to...
* gnu/system/pam.scm: ... here.
|
|
* gnu/system/pam.scm (unix-pam-service): Add pam-entry for "pam_rootok.so" to
auth field when ALLOW-ROOT? is #T.
(base-pam-services): Allow root to run "su" without authentication.
|
|
* gnu/system/pam.scm: Remove incorrect comment.
|
|
* gnu/system/pam.scm (<pam-limits-entry>): New record type.
(pam-limits-entry, pam-limits-entry->string): New procedures.
* gnu/services/base.scm (pam-limits-service-type): New variable.
(pam-limits-service): New procedure.
* doc/guix.texi (Base Services): Document it.
|
|
* gnu/system/pam.scm (<pam-configuration>): New record type.
(/etc-entry): Change 'services' parameter' to 'config'. Honor the
'transform' field of CONFIG.
(extend-configuration): New procedure.
(pam-root-service-type): Use EXTEND-CONFIGURATION as the 'extend'
field.
(pam-root-service): Add #:transform parameter. Service value is a
<pam-configuration>.
|
|
* gnu/system/pam.scm: Export <pam-service> and <pam-entry> accessors.
|
|
* gnu/system/pam.scm (unix-pam-service): Add pam_env module to the session group.
|
|
* gnu/system/linux.scm: Rename to...
* gnu/system/pam.scm: ... this.
* gnu-system.am (GNU_SYSTEM_MODULES): Adjust accordingly.
* gnu.scm, gnu/services/base.scm, gnu/services/desktop.scm,
gnu/services/networking.scm, gnu/services/ssh.scm,
gnu/services/xorg.scm, gnu/system.scm, gnu/system/vm.scm: Likewise.
|