From 6983ded42bd3dcd29425cb6823e7c74640f28a00 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 14 Aug 2022 02:00:00 +0200 Subject: doc: Remove extraneous ‘Note…’. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * doc/guix.texi (File Systems): Remove a ‘Note that’ & begin a new paragraph. --- doc/guix.texi | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 86cfe7d49c..64adafd3f9 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16431,8 +16431,9 @@ Manual}, for more information on these flags. This is either @code{#f}, or a string denoting mount options passed to the file system driver. @xref{Mount-Unmount-Remount,,, libc, The GNU C Library Reference Manual}, for details and run @command{man 8 mount} for -options for various file systems. Note that the -@code{file-system-options->alist} and @code{alist->file-system-options} +options for various file systems. + +The @code{file-system-options->alist} and @code{alist->file-system-options} procedures from @code{(gnu system file-systems)} can be used to convert file system options given as an association list to the string representation, and vice-versa. -- cgit 1.4.1 From 6c2e14a43a86258204e19fe5cbac4a77374bab3f Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sun, 14 Aug 2022 02:00:00 +0200 Subject: doc: Note the pitfalls of man 8 mount. * doc/guix.texi (File Systems): Warn against flags presented as options. --- doc/guix.texi | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 64adafd3f9..b8b1b9ad7c 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16430,8 +16430,11 @@ Manual}, for more information on these flags. @item @code{options} (default: @code{#f}) This is either @code{#f}, or a string denoting mount options passed to the file system driver. @xref{Mount-Unmount-Remount,,, libc, The GNU C -Library Reference Manual}, for details and run @command{man 8 mount} for -options for various file systems. +Library Reference Manual}, for details. + +Run @command{man 8 mount} for options for various file systems, but +beware that what it lists as file-system-independent ``mount options'' are +in fact flags, and belong in the @code{flags} field described above. The @code{file-system-options->alist} and @code{alist->file-system-options} procedures from @code{(gnu system file-systems)} can be used to convert -- cgit 1.4.1 From b379b4f4a256359f1067f4dc8cf9838ef2f57d26 Mon Sep 17 00:00:00 2001 From: Andrew Tropin Date: Fri, 28 Jan 2022 14:52:12 +0300 Subject: doc: Add files, xdg-configuration and symlink-manager home services. * doc/guix.texi (Essential Home Services): Add files, xdg-configuration-files and symlink-manager home services. --- doc/guix.texi | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index b8b1b9ad7c..ae07677e2c 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -39562,12 +39562,95 @@ users @emph{should not} use this service, in most cases it's better to extend the required command using the appropriate service type. @end defvr +@defvr {Scheme Variable} home-files-service-type +The service of this type allows to specify a list of files, which will +go to @file{~/.guix-home/files}, usually this directory contains +configuration files (to be more precise it contains symlinks to files in +@file{/gnu/store}), which should be placed in @file{$XDG_CONFIG_DIR} or +in rare cases in @file{$HOME}. It accepts extension values in the +following format: + +@lisp +`((".sway/config" ,sway-file-like-object) + (".tmux.conf" ,(local-file "./tmux.conf"))) +@end lisp + +Each nested list contains two values: a subdirectory and file-like +object. After building a home environment @file{~/.guix-home/files} +will be populated with apropiate content and all nested directories will +be created accordingly, however, those files won't go any further until +some other service will do it. By default a +@code{home-symlink-manager-service-type}, which creates necessary +symlinks in home folder to files from @file{~/.guix-home/files} and +backs up already existing, but clashing configs and other things, is a +part of essential home services (enabled by default), but it's possible +to use alternative services to implement more advanced use cases like +read-only home. Feel free to experiment and share your results. +@end defvr + +@defvr {Scheme Variable} home-xdg-configuration-files-service-type +The service is very similiar to @code{home-files-service-type} (and +actually extends it), but used for defining files, which will go to +@file{~/.guix-home/files/.config}, which will be symlinked to +@file{$XDG_CONFIG_DIR} by @code{home-symlink-manager-service-type} (for +example) during activation. It accepts extension values in the +following format: + +@lisp +`(("sway/config" ,sway-file-like-object) + ;; -> ~/.guix-home/files/.config/sway/config + ;; -> $XDG_CONFIG_DIR/sway/config (by symlink-manager) + ("tmux/tmux.conf" ,(local-file "./tmux.conf"))) +@end lisp +@end defvr + @defvr {Scheme Variable} home-activation-service-type The service of this type generates a guile script, which runs on every @command{guix home reconfigure} invocation or any other action, which leads to the activation of the home environment. @end defvr +@defvr {Scheme Variable} home-symlink-manager-service-type +The service of this type generates a guile script, which will be +executed during activation of home environment, and do a few following +steps: + +@enumerate +@item +Reads the content of @file{files/} directory of current and pending home +environments. + +@item +Cleans up all symlinks created by symlink-manager on previous +activation. Also, sub-directories, which become empty also will be +cleaned up. + +@item +Creates new symlinks the following way: It looks @file{files/} directory +(usually defined with @code{home-files-service-type}, +@code{home-xdg-configuration-files-service-type} and maybe some others), +takes the files from @file{files/.config/} subdirectory and put +respective links in @env{XDG_CONFIG_DIR}. For example symlink for +@file{files/.config/sway/config} will end up in +@file{$XDG_CONFIG_DIR/sway/config}. The rest files in @file{files/} +outside of @file{files/.config/} subdirectory will be treated slightly +different: symlink will just go to @file{$HOME}. +@file{files/.some-program/config} will end up in +@file{$HOME/.some-program/config}. + +@item +If some sub-directories are missing, they will be created. + +@item +If there is a clashing files on the way, they will be backed up. + +@end enumerate + +symlink-manager is a part of essential home services and is enabled and +used by default. +@end defvr + + @node Shells Home Services @subsection Shells -- cgit 1.4.1 From 92b25a09c4e495b213b2f1add98aefc7e004ac59 Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Mon, 15 Aug 2022 18:11:48 +0200 Subject: doc: Fix typos. * doc/guix.texi: Fix various typos found by translators. --- doc/guix.texi | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index ae07677e2c..023b48ae35 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -586,7 +586,7 @@ great time to try it and get involved! @item riscv64-linux little-endian 64-bit RISC-V processors, specifically RV64GC, and -Linux-Libre kernel. This playform is available as a "technology preview": +Linux-Libre kernel. This platform is available as a "technology preview": although it is supported, substitutes are not yet available from the build farm (@pxref{Substitutes}), and some packages may fail to build (@pxref{Tracking Bugs and Patches}). That said, the Guix community is @@ -7615,7 +7615,7 @@ procedure returns. Return the list of inputs required by @var{package} for development purposes on @var{system}. When @var{target} is true, return the inputs needed to cross-compile @var{package} from @var{system} to -@var{triplet}, where @var{triplet} is a triplet such as +@var{target}, where @var{target} is a triplet such as @code{"aarch64-linux-gnu"}. Note that the result includes both explicit inputs and implicit @@ -15809,8 +15809,8 @@ cross-compilation, because every instruction needs to be emulated. The availability of substitutes for the architecture targeted by the @code{--system} option can mitigate this problem. An other way to work -around it is to install GNU Guix on a machine which CPU is supporting -the targeted instruction set, an set it up as an offload machine +around it is to install GNU Guix on a machine whose CPU supports +the targeted instruction set, and set it up as an offload machine (@pxref{Daemon Offload Setup}). @node System Configuration @@ -23339,7 +23339,7 @@ Script file to use as @file{default.pa}. In case the directive pointing to @file{/etc/pulse/default.pa.d} is appended to the provided script. -@item @code{extra-script-files} (default: @code{'())}) +@item @code{extra-script-files} (default: @code{'()}) A list of file-like objects defining extra PulseAudio scripts to run at the initialization of the @command{pulseaudio} daemon, after the main @code{script-file}. The scripts are deployed to the @@ -36666,9 +36666,9 @@ Set the mount @emph{options} of the root file system. It overrides the @item fsck.mode=@var{mode} Whether to check the @var{root} file system for errors before mounting it. @var{mode} is one of @code{skip} (never check), @code{force} (always -check), or @code{auto} to respect the root file-system object's 'check?' -setting (@pxref{File Systems}) and run a full scan only if the file system -was not cleanly shut down. +check), or @code{auto} to respect the root @code{} object's +@code{check?} setting (@pxref{File Systems}) and run a full scan only if +the file system was not cleanly shut down. @code{auto} is the default if this option is not present or if @var{mode} is not one of the above. @@ -38932,7 +38932,7 @@ In some cases multiple different configuration records might be defined in the same file, but their serializers for the same type might have to be different, because they have different configuration formats. For example, the @code{serialize-boolean} procedure for the Getmail service -would have to be different for the one for the Transmission service. To +would have to be different from the one for the Transmission service. To make it easier to deal with this situation, one can specify a serializer prefix by using the @code{prefix} literal in the @code{define-configuration} form. This means that one doesn't have to @@ -39014,7 +39014,7 @@ serializer name by using the @code{prefix} literal. (define-maybe integer (prefix baz-)) -(define (baz-serialize-interger field-name value) +(define (baz-serialize-integer field-name value) @dots{}) @end lisp @@ -39241,7 +39241,7 @@ software, configuration, and state. Software in mainstream distros are usually installed system-wide, but with GNU Guix most software packages can be installed on a per-user basis without needing root privileges, and are thus considered part of the user’s @dfn{home environment}. -Packages on their own not very useful in many cases, because often they +Packages on their own are not very useful in many cases, because often they require some additional configuration, usually config files that reside in @env{XDG_CONFIG_HOME} (@file{~/.config} by default) or other directories. Everything else can be considered state, like media files, @@ -39401,12 +39401,12 @@ specified) will ignore @file{~/.profile}, even if @file{~/.zprofile} doesn't exist. To make your shell respect @file{~/.profile}, add @code{. ~/.profile} or -@code{source ~/profile} to the startup file for the login shell. In +@code{source ~/.profile} to the startup file for the login shell. In case of Bash, it is @file{~/.bash_profile}, and in case of Zsh, it is @file{~/.zprofile}. @quotation Note -This step is only required if your shell is NOT managed by Guix Home. +This step is only required if your shell is @emph{not} managed by Guix Home. Otherwise, everything will be done automatically. @end quotation @@ -39498,7 +39498,7 @@ export _JAVA_AWT_WM_NONREPARENTING @quotation Note Make sure that module @code{(gnu packages shells)} is imported with @code{use-modules} or any other way, this namespace contains the -definition of the @code{zsh} packages, which is used in the example +definition of the @code{zsh} package, which is used in the example above. @end quotation @@ -39720,7 +39720,7 @@ added after the contents of the @code{bash-profile} field. Association list of aliases to set for the Bash session. The aliases will be defined after the contents of the @code{bashrc} field has been put in the @file{.bashrc} file. The alias will automatically be quoted, -so something line this: +so something like this: @lisp '(("ls" . "ls -alF")) @@ -39754,7 +39754,7 @@ process for example). @end deftp You can extend the Bash service by using the @code{home-bash-extension} -configuration record, whose fields most mirror that of +configuration record, whose fields must mirror that of @code{home-bash-configuration} (@pxref{home-bash-configuration}). The contents of the extensions will be added to the end of the corresponding Bash configuration files (@pxref{Bash Startup Files,,, bash, The GNU -- cgit 1.4.1 From 1c803e63f9560b93afeec9f7342f4413ff3cec46 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Wed, 24 Aug 2022 14:40:38 +0200 Subject: services: configuration: Add a 'maybe-value-set?' procedure. * gnu/services/configuration.scm (maybe-value-set?): New procedure. * doc/guix.texi (Complex Configurations): Document it. Remove comment showing usage of 'maybe-string' with a default value, which doesn't make sense. Co-authored-by: Attila Lendvai --- doc/guix.texi | 7 ++++++- gnu/services/configuration.scm | 15 ++++++++++----- 2 files changed, 16 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 023b48ae35..c8f18a1482 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -39003,7 +39003,7 @@ to be a string, or left unspecified. (name ;; If set to a string, the `serialize-string' procedure will be used ;; to serialize the string. Otherwise this field is not serialized. - maybe-string ; equivalent to (maybe-string *unspecified*) + maybe-string "The name of this module.")) @end lisp @@ -39034,6 +39034,11 @@ whether its value is set or not. @end lisp @end deffn +@deffn (Scheme Procedure) maybe-value-set? @var{value} +Predicate to check whether a user explicitly specified the value of a +maybe field. +@end deffn + @deffn {Scheme Procedure} serialize-configuration @var{configuration} @ @var{fields} Return a G-expression that contains the values corresponding to the diff --git a/gnu/services/configuration.scm b/gnu/services/configuration.scm index 3007e8de35..e2c4fe9998 100644 --- a/gnu/services/configuration.scm +++ b/gnu/services/configuration.scm @@ -57,6 +57,7 @@ serialize-configuration define-maybe define-maybe/no-serialization + maybe-value-set? generate-documentation configuration->documentation empty-serializer @@ -142,7 +143,8 @@ does not have a default value" field kind))) (id #'stem #'serialize-maybe- #'stem)))) #`(begin (define (maybe-stem? val) - (or (eq? val 'unset) (stem? val))) + (or (not (maybe-value-set? val)) + (stem? val))) #,@(if serialize? (list #'(define (serialize-maybe-stem field-name val) (if (stem? val) @@ -260,11 +262,10 @@ does not have a default value" field kind))) (default-value-thunk (lambda () (display '#,(id #'stem #'% #'stem)) - (if (eq? (syntax->datum field-default) - 'unset) + (if (maybe-value-set? (syntax->datum field-default)) + field-default (configuration-missing-default-value - '#,(id #'stem #'% #'stem) 'field) - field-default))) + '#,(id #'stem #'% #'stem) 'field)))) (documentation doc)) ...)))))))) @@ -300,6 +301,10 @@ does not have a default value" field kind))) (define (empty-serializer field-name val) "") (define serialize-package empty-serializer) +(define (maybe-value-set? value) + "Predicate to check whether a 'maybe' value was explicitly provided." + (not (eq? 'unset value))) + ;; A little helper to make it easier to document all those fields. (define (generate-documentation documentation documentation-name) (define (str x) (object->string x)) -- cgit 1.4.1 From 98457ba47be4e8fc48a5d6256787c7a8dbd82b31 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Thu, 25 Aug 2022 00:10:57 -0400 Subject: doc: Replace remaining 'unset mentions with %unset-value. * doc/guix.texi (Networking Services): Replace 'unset with %unset-value. (Power Management Services): Likewise. (Complex Configurations): Likewise. --- doc/guix.texi | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index c8f18a1482..1e7fff9868 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -19846,7 +19846,7 @@ network. A specific port value can be provided by appending the @code{:PORT} suffix. By default, it uses the Jami bootstrap nodes, but any host can be specified here. It's also possible to disable bootstrapping by explicitly setting this field to the -@code{'unset} value. +@code{%unset-value} value. @item @code{port} (default: @code{4222}) (type: maybe-number) The UDP port to bind to. When left unspecified, an available port is @@ -31362,7 +31362,7 @@ Each parameter definition is preceded by its type; for example, @samp{boolean foo} indicates that the @code{foo} parameter should be specified as a boolean. Types starting with @code{maybe-} denote parameters that won't show up in TLP config file when their value is -left unset, or is explicitly set to the @code{'unset} value. +left unset, or is explicitly set to the @code{%unset-value} value. @c The following documentation was initially generated by @c (generate-tlp-documentation) in (gnu services pm). Manually maintained @@ -38983,8 +38983,7 @@ macro which is a shorthand of this. Sometimes a field should not be serialized if the user doesn’t specify a value. To achieve this, you can use the @code{define-maybe} macro to define a ``maybe type''; if the value of a maybe type is left unset, or -is set to the @code{'unset} value, then it will not be -serialized. +is set to the @code{%unset-value} value, then it will not be serialized. When defining a ``maybe type'', the corresponding serializer for the regular type will be used by default. For example, a field of type -- cgit 1.4.1 From d1815a68ea48b0015d1beda423d4b2879d29d9ea Mon Sep 17 00:00:00 2001 From: muradm Date: Fri, 22 Jul 2022 07:09:54 +0300 Subject: gnu: seatd-service-type: Use seat group. * gnu/services/desktop.scm (seatd-group-sanitizer): New variable. ()[user]: Removed field. [group]: Changed to "seat". Sanitize via seatd-group-sanitizer. (seatd-accounts): New variable. (seatd-environment): Adjust to ABI. (seatd-service-type)[extensions]: Add account-service-type with seatd-accounts. * gnu/tests/desktop.scm (run-minimal-desktop-test): Check for correct ownership of $SEATD_SOCK. * doc/guix.texi ("Desktop Services")[seatd-service-type]: Mention that users may need to become members of the "seat" group. Update default value for group field. Add explanation on seatd.sock file. Remove dropped user field. --- doc/guix.texi | 29 +++++++++++++++++++++++++---- gnu/services/desktop.scm | 23 +++++++++++++++++------ gnu/tests/desktop.scm | 9 +++++++++ 3 files changed, 51 insertions(+), 10 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 1e7fff9868..0642b83923 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -23189,6 +23189,30 @@ input), without requiring the applications needing access to be root. %base-services) @end lisp + +@code{seatd} operates over a UNIX domain socket, with @code{libseat} +providing the client side of the protocol. Applications that acquire +access to the shared resources via @code{seatd} (e.g. @code{sway}) +need to be able to talk to this socket. +This can be achieved by adding the user they run under to the group +owning @code{seatd}'s socket (usually ``seat''), like so: + +@lisp +(user-account + (name "alice") + (group "users") + (supplementary-groups '("wheel" ; allow use of sudo, etc. + "seat" ; seat management + "audio" ; sound card + "video" ; video devices such as webcams + "cdrom")) ; the good ol' CD-ROM + (comment "Bob's sister")) +@end lisp + +Depending on your setup, you will have to not only add regular users, +but also system users to this group. For instance, some greetd greeters +require graphics and therefore also need to negotiate with seatd. + @end defvr @deftp {Data Type} seatd-configuration @@ -23198,10 +23222,7 @@ Configuration record for the seatd daemon service. @item @code{seatd} (default: @code{seatd}) The seatd package to use. -@item @code{user} (default: @samp{"root"}) -User to own the seatd socket. - -@item @code{group} (default: @samp{"users"}) +@item @code{group} (default: @samp{"seat"}) Group to own the seatd socket. @item @code{socket} (default: @samp{"/run/seatd.sock"}) diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index f891d1b5cc..f60365abac 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -13,7 +13,7 @@ ;;; Copyright © 2020 Tobias Geerinckx-Rice ;;; Copyright © 2020 Reza Alizadeh Majd ;;; Copyright © 2021 Brice Waegeneire -;;; Copyright © 2021 muradm +;;; Copyright © 2021, 2022 muradm ;;; ;;; This file is part of GNU Guix. ;;; @@ -69,6 +69,7 @@ #:use-module (guix records) #:use-module (guix packages) #:use-module (guix store) + #:use-module (guix ui) #:use-module (guix utils) #:use-module (guix gexp) #:use-module (srfi srfi-1) @@ -1643,12 +1644,19 @@ or setting its password with passwd."))) ;;; seatd-service-type -- minimal seat management daemon ;;; +(define (seatd-group-sanitizer group-or-name) + (match group-or-name + ((? user-group? group) group) + ((? string? group-name) (user-group (name group-name) (system? #t))) + (_ (leave (G_ "seatd: '~a' is not a valid group~%") group-or-name)))) + (define-record-type* seatd-configuration make-seatd-configuration seatd-configuration? (seatd seatd-package (default seatd)) - (user seatd-user (default "root")) - (group seatd-group (default "users")) + (group seatd-group ; string | + (default "seat") + (sanitize seatd-group-sanitizer)) (socket seatd-socket (default "/run/seatd.sock")) (logfile seatd-logfile (default "/var/log/seatd.log")) (loglevel seatd-loglevel (default "info"))) @@ -1662,8 +1670,7 @@ or setting its password with passwd."))) (provision '(seatd elogind)) (start #~(make-forkexec-constructor (list #$(file-append (seatd-package config) "/bin/seatd") - "-u" #$(seatd-user config) - "-g" #$(seatd-group config)) + "-g" #$(user-group-name (seatd-group config))) #:environment-variables (list (string-append "SEATD_LOGLEVEL=" #$(seatd-loglevel config)) @@ -1672,9 +1679,12 @@ or setting its password with passwd."))) #:log-file #$(seatd-logfile config))) (stop #~(make-kill-destructor))))) +(define seatd-accounts + (match-lambda (($ _ group) (list group)))) + (define seatd-environment (match-lambda - (($ _ _ _ socket) + (($ _ _ socket) `(("SEATD_SOCK" . ,socket))))) (define seatd-service-type @@ -1685,6 +1695,7 @@ to shared devices (graphics, input), without requiring the applications needing access to be root.") (extensions (list + (service-extension account-service-type seatd-accounts) (service-extension session-environment-service-type seatd-environment) ;; TODO: once cgroups is separate dependency we should not mount it here ;; for now it is mounted here, because elogind mounts it diff --git a/gnu/tests/desktop.scm b/gnu/tests/desktop.scm index 25971f9225..6fe6ec21be 100644 --- a/gnu/tests/desktop.scm +++ b/gnu/tests/desktop.scm @@ -255,6 +255,15 @@ minimal %BASE-SERVICES." (socks (map wait-for-unix-socket-m socks))) (and (= 2 (length socks)) (every identity socks))))) + (test-equal "seatd.sock ownership" + '("root" "seat") + `(,(marionette-eval + '(passwd:name (getpwuid (stat:uid (stat "/run/seatd.sock")))) + marionette) + ,(marionette-eval + '(group:name (getgrgid (stat:gid (stat "/run/seatd.sock")))) + marionette))) + (test-assert "greetd is ready" (begin (marionette-type "ps -C greetd -o pid,args --no-headers > ps-greetd\n" -- cgit 1.4.1 From cac3914dfc354eb31c09958c6bc047adad682ea0 Mon Sep 17 00:00:00 2001 From: muradm Date: Fri, 22 Jul 2022 14:28:57 +0300 Subject: gnu: greetd-service-type: Add supplementary groups to greeter. * gnu/services/base.scm () [greeter-supplementary-groups]: New field. (%greetd-accounts): Rename to... (greetd-accounts): ... this. Convert to a function that takes a config argument. Use greeter-supplementary-groups. (greetd-service-type): Adjust accordingly. * gnu/tests/desktop.scm (%minimal-services): Add test for greeter-supplementary-groups. * doc/guix.texi ("Base Services")[greetd-service-type]: Document greeter-supplementary-groups. --- doc/guix.texi | 7 +++++++ gnu/services/base.scm | 24 +++++++++++------------- gnu/tests/desktop.scm | 8 ++++++++ 3 files changed, 26 insertions(+), 13 deletions(-) (limited to 'doc') diff --git a/doc/guix.texi b/doc/guix.texi index 0642b83923..7bce8a567c 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -18559,6 +18559,13 @@ the 'root' account has just been created. @item @code{terminals} (default: @code{'()}) List of @code{greetd-terminal-configuration} per terminal for which @code{greetd} should be started. + +@item @code{greeter-supplementary-groups} (default: @code{'()}) +List of groups which should be added to @code{greeter} user. For instance: +@lisp +(greeter-supplementary-groups '("seat" "video")) +@end lisp +Note that this example will fail if @code{seat} group does not exist. @end table @end deftp diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 27eae75c46..bb11732de2 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -2918,17 +2918,6 @@ to handle." "user = " default-session-user "\n" "command = " default-session-command "\n"))) -(define %greetd-accounts - (list (user-account - (name "greeter") - (group "greeter") - ;; video group is required for graphical greeters. - (supplementary-groups '("video")) - (system? #t)) - (user-group - (name "greeter") - (system? #t)))) - (define %greetd-file-systems (list (file-system (device "none") @@ -2956,7 +2945,16 @@ to handle." greetd-configuration? (motd greetd-motd (default %default-motd)) (allow-empty-passwords? greetd-allow-empty-passwords? (default #t)) - (terminals greetd-terminals (default '()))) + (terminals greetd-terminals (default '())) + (greeter-supplementary-groups greetd-greeter-supplementary-groups (default '()))) + +(define (greetd-accounts config) + (list (user-group (name "greeter") (system? #t)) + (user-account + (name "greeter") + (group "greeter") + (supplementary-groups (greetd-greeter-supplementary-groups config)) + (system? #t)))) (define (make-greetd-pam-mount-conf-file config) (computed-file @@ -3033,7 +3031,7 @@ mount/unmount /run/user/ directory for user and @code{greetd} login manager daemon.") (extensions (list - (service-extension account-service-type (const %greetd-accounts)) + (service-extension account-service-type greetd-accounts) (service-extension file-system-service-type (const %greetd-file-systems)) (service-extension etc-service-type greetd-etc-service) (service-extension pam-root-service-type greetd-pam-service) diff --git a/gnu/tests/desktop.scm b/gnu/tests/desktop.scm index 6fe6ec21be..95b33da25e 100644 --- a/gnu/tests/desktop.scm +++ b/gnu/tests/desktop.scm @@ -122,6 +122,7 @@ (service seatd-service-type) (service greetd-service-type (greetd-configuration + (greeter-supplementary-groups '("input" "video")) (terminals (list ;; we can make any terminal active by default @@ -295,6 +296,13 @@ minimal %BASE-SERVICES." (marionette-type "echo alice > /run/user/1000/test\n" marionette) (file-get-all-strings "/run/user/1000/test"))) + (test-equal "check greeter user has correct groups" + "greeter input video\n" + (begin + (marionette-type "id -Gn greeter > /run/user/1000/greeter-groups\n" + marionette) + (file-get-all-strings "/run/user/1000/greeter-groups"))) + (test-assert "screendump" (begin (marionette-control (string-append "screendump " #$output -- cgit 1.4.1