From e7ad0d586251383a4c8b00222e8dec61d491f03b Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 6 Feb 2016 11:57:54 +0100 Subject: services: elogind: Extend PAM to use 'pam_elogind.so'. Thanks to Andy Wingo for explaining this at . * gnu/services/desktop.scm (pam-extension-procedure): New procedure. (elogind-service-type): Extend PAM-ROOT-SERVICE-TYPE. --- gnu/services/desktop.scm | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'gnu/services/desktop.scm') diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 36e336f5ca..e4f0736b89 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -664,6 +664,22 @@ (define (elogind-shepherd-service config) (list (string-append "ELOGIND_CONF_FILE=" #$config-file)))) (stop #~(make-kill-destructor)))))) +(define (pam-extension-procedure config) + "Return an extension for PAM-ROOT-SERVICE-TYPE that ensures that all the PAM +services use 'pam_elogind.so', a module that allows elogind to keep track of +logged-in users (run 'loginctl' to see elogind's world view of users and +seats.)" + (define pam-elogind + (pam-entry + (control "required") + (module #~(string-append #$(elogind-package config) + "/lib/security/pam_elogind.so")))) + + (list (lambda (pam) + (pam-service + (inherit pam) + (session (cons pam-elogind (pam-service-session pam))))))) + (define elogind-service-type (service-type (name 'elogind) (extensions @@ -680,8 +696,9 @@ (define elogind-service-type (service-extension profile-service-type (compose list elogind-package)) - ;; TODO: Extend PAM with pam_elogind.so. - )))) + ;; Extend PAM with pam_elogind.so. + (service-extension pam-root-service-type + pam-extension-procedure))))) (define* (elogind-service #:key (config (elogind-configuration))) "Return a service that runs the @command{elogind} login and seat management -- cgit v1.2.3