From 417175096aef38c6a72acbbcfdba636c723ab79e Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Fri, 25 Jul 2014 00:15:46 +0200 Subject: services: Use system groups where applicable. * gnu/services/avahi.scm (avahi-service): Add 'system?' field to 'user-group' form. * gnu/services/base.scm (guix-service): Likewise. * gnu/services/dbus.scm (dbus-service): Likewise. * gnu/services/networking.scm (tor-service): Likewise. --- gnu/services/avahi.scm | 3 ++- gnu/services/base.scm | 1 + gnu/services/dbus.scm | 3 ++- gnu/services/networking.scm | 3 ++- 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/gnu/services/avahi.scm b/gnu/services/avahi.scm index e8da6be5f5..48a2c75927 100644 --- a/gnu/services/avahi.scm +++ b/gnu/services/avahi.scm @@ -96,7 +96,8 @@ sockets." (mkdir-p "/var/run/avahi-daemon"))) (user-groups (list (user-group - (name "avahi")))) + (name "avahi") + (system? #t)))) (user-accounts (list (user-account (name "avahi") (group "avahi") diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 342b3c1488..e1d247e8d3 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -472,6 +472,7 @@ passed to @command{guix-daemon}." (user-accounts accounts) (user-groups (list (user-group (name builder-group) + (system? #t) ;; Use a fixed GID so that we can create the ;; store with the right owner. diff --git a/gnu/services/dbus.scm b/gnu/services/dbus.scm index 6076317ee5..5da7f14605 100644 --- a/gnu/services/dbus.scm +++ b/gnu/services/dbus.scm @@ -86,7 +86,8 @@ and policy files. For example, to allow avahi-daemon to use the system bus, (string-append "--config-file=" #$conf "/system.conf")))) (stop #~(make-kill-destructor)) (user-groups (list (user-group - (name "messagebus")))) + (name "messagebus") + (system? #t)))) (user-accounts (list (user-account (name "messagebus") (group "messagebus") diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 502b0d85f1..6a7d194659 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -107,7 +107,8 @@ policy) as the @code{tor} unprivileged user." (stop #~(make-kill-destructor)) (user-groups (list (user-group - (name "tor")))) + (name "tor") + (system? #t)))) (user-accounts (list (user-account (name "tor") (group "tor") -- cgit 1.4.1