authorLudovic Courtès <ludo@gnu.org>2014-05-11 22:41:01 +0200
committerLudovic Courtès <ludo@gnu.org>2014-05-11 22:41:58 +0200
commitab6a279abbfa39b1e1bec0e363744d241972f844 (patch)
tree658055e4ecf33226094c9b506251d0715827203b /gnu/services
parent057d6ce5e42d813b9d5e49ddae5d88e6581cc1d8 (diff)
system: Make accounts and groups at activation time.
* gnu/services/base.scm (guix-build-accounts): Remove #:gid parameter; add #:group. Remove 'password' and 'gid' fields in 'user-account' form, and add 'group'. (guix-service): Remove #:build-user-gid parameter. Remove 'id' field in 'user-group' form. * gnu/system.scm (etc-directory): Remove #:groups and #:accounts. No longer produce files "passwd", "shadow", and "group". Adjust caller accordingly. (%root-account): New variable. (operating-system-accounts): Add 'users' variable. Add %ROOT-ACCOUNT only if 'operating-system-users' doesn't already contain a root account. (user-group->gexp, user-account->gexp): New procedures. (operating-system-boot-script): Add calls to 'setenv' and 'activate-users+groups' in gexp. * gnu/system/linux.scm (base-pam-services): Add PAM services for "user{add,del,mod}" and "group{add,del,mod}". * gnu/system/shadow.scm (<user-account>)[gid]: Rename to... [group]: ... this. [supplementary-groups]: New field. [uid, password]: Default to #f. (<user-group>)[id]: Default to #f. (group-file, passwd-file): Remove. * gnu/system/vm.scm (operating-system-default-contents)[user-directories]: Remove. Add "/home" to the directives. * guix/build/activation.scm (add-group, add-user, activate-users+groups): New procedures.
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/base.scm10
1 files changed, 4 insertions, 6 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 6431a3aaba..1f5ff3e4cb 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -237,8 +237,8 @@ stopped before 'kill' is called."
(stop #~(make-kill-destructor))))))
(define* (guix-build-accounts count #:key
+ (group "guixbuild")
(first-uid 30001)
- (gid 30000)
(shadow shadow))
"Return a list of COUNT user accounts for Guix build users, with UIDs
starting at FIRST-UID, and under GID."
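Review bot: The docstring of guix-build-accounts still ends with "and under GID", but this hunk replaces the #:gid keyword with #:group, so it names a parameter that no longer exists. It should read `starting at FIRST-UID, and under GROUP."`. The guix-service hunk has the same stale wording: its docstring still says BUILD-USER-GID after that keyword is removed, and `BUILD-ACCOUNTS user accounts available under BUILDER-GROUP."` would match the new signature. The body of guix-build-accounts continues outside this hunk.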
@@ -247,9 +247,8 @@ starting at FIRST-UID, and under GID."
(lambda (n)
(user-account
(name (format #f "guixbuilder~2,'0d" n))
- (password "!")
(uid (+ first-uid n -1))
- (gid gid)
+ (group group)
(comment (format #f "Guix Build User ~2d" n))
(home-directory "/var/empty")
(shell #~(string-append #$shadow "/sbin/nologin"))))
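Review bot: With `(password "!")` removed from the user-account form, nothing here states that the guixbuilder accounts are locked; that now depends on how a #f password is handled at activation time, which this hunk does not show. The commit message says the password field defaults to #f and that accounts are created by the new 'add-user' procedure, so it is worth confirming that a #f password produces a locked shadow entry rather than an empty one. A comment on the form would record the expectation, e.g. `;; No password field: build accounts must be created locked; see 'add-user'.` The nologin shell and "/var/empty" home directory are unchanged. The enclosing lambda starts and ends outside this hunk.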
@@ -257,11 +256,11 @@ starting at FIRST-UID, and under GID."
1))))
(define* (guix-service #:key (guix guix) (builder-group "guixbuild")
- (build-user-gid 30000) (build-accounts 10))
+ (build-accounts 10))
"Return a service that runs the build daemon from GUIX, and has
BUILD-ACCOUNTS user accounts available under BUILD-USER-GID."
(mlet %store-monad ((accounts (guix-build-accounts build-accounts
- #:gid build-user-gid)))
+ #:group builder-group)))
(return (service
(provision '(guix-daemon))
(requirement '(user-processes))
@@ -274,7 +273,6 @@ BUILD-ACCOUNTS user accounts available under BUILD-USER-GID."
(user-accounts accounts)
(user-groups (list (user-group
(name builder-group)
- (id build-user-gid)
(members (map user-account-name
user-accounts)))))))))