diff options
| author | Josselin Poiret <dev@jpoiret.xyz> | 2023-05-09 18:45:07 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2023-05-11 13:21:45 +0200 |
| commit | 2df5d4fd18a2fbcb8066a50e2da8ec64635f5162 (patch) | |
| tree | ecfc8aae744998169e2b38c2e756abeb4210d9f9 /gnu/services/base.scm | |
| parent | b2a65b4c8cfe06eb48e0db83a408dd84175e07dc (diff) | |
system: pam: Let PAM extensions add shepherd requirements.
* gnu/system/pam.scm (<pam-extension>): New record type.
(pam-shepherd-service): Add Shepherd synchronization point.
* gnu/services/mail.scm (dovecot-shepherd-service)
* gnu/services/lightdm.scm (lightdm-shepherd-service)
* gnu/services/mail.scm (opensmtpd-shepherd-service)
* gnu/services/sddm.scm (sddm-shepherd-service)
* gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service)
* gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service)
* gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement.
* gnu/system/pam.scm (/etc-entry, extend-configuration,
pam-root-service-type, pam-root-service)
* gnu/services/authentication.scm (pam-ldap-pam-service)
* gnu/services/base.scm (pam-limits-service-type)
(greetd-pam-service)
* gnu/services/desktop.scm (pam-gnome-keyring)
* gnu/services/kerberos.scm (pam-krb5-pam-service)
* gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use
pam-extension.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Diffstat (limited to 'gnu/services/base.scm')
| -rw-r--r-- | gnu/services/base.scm | 54 |
1 files changed, 29 insertions, 25 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm index a4005fc4fd..fdc2c8c764 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -1603,20 +1603,22 @@ information on the configuration file syntax." (define pam-limits-service-type (let ((pam-extension - (lambda (pam) - (let ((pam-limits (pam-entry - (control "required") - (module "pam_limits.so") - (arguments - '("conf=/etc/security/limits.conf"))))) - (if (member (pam-service-name pam) - '("login" "greetd" "su" "slim" "gdm-password" "sddm" - "sudo" "sshd")) - (pam-service - (inherit pam) - (session (cons pam-limits - (pam-service-session pam)))) - pam)))) + (pam-extension + (transformer + (lambda (pam) + (let ((pam-limits (pam-entry + (control "required") + (module "pam_limits.so") + (arguments + '("conf=/etc/security/limits.conf"))))) + (if (member (pam-service-name pam) + '("login" "greetd" "su" "slim" "gdm-password" + "sddm" "sudo" "sshd")) + (pam-service + (inherit pam) + (session (cons pam-limits + (pam-service-session pam)))) + pam)))))) ;; XXX: Using file-like objects is deprecated, use lists instead. ;; This is to be reduced into the list? case when the deprecated @@ -3264,16 +3266,18 @@ to handle." (greetd-allow-empty-passwords? config) #:motd (greetd-motd config)) - (lambda (pam) - (if (member (pam-service-name pam) - '("login" "greetd" "su" "slim" "gdm-password")) - (pam-service - (inherit pam) - (auth (append (pam-service-auth pam) - (list optional-pam-mount))) - (session (append (pam-service-session pam) - (list optional-pam-mount)))) - pam)))) + (pam-extension + (transformer + (lambda (pam) + (if (member (pam-service-name pam) + '("login" "greetd" "su" "slim" "gdm-password")) + (pam-service + (inherit pam) + (auth (append (pam-service-auth pam) + (list optional-pam-mount))) + (session (append (pam-service-session pam) + (list optional-pam-mount)))) + pam)))))) (define (greetd-shepherd-services config) (map @@ -3285,7 +3289,7 @@ to handle." (greetd-vt (greetd-terminal-vt tc))) (shepherd-service (documentation "Minimal and flexible login manager daemon") - (requirement '(user-processes host-name udev virtual-terminal)) + (requirement '(pam user-processes host-name udev virtual-terminal)) (provision (list (symbol-append 'term-tty (string->symbol (greetd-terminal-vt tc))))) |