aboutsummaryrefslogtreecommitdiff
path: root/gnu/system/pam.scm
AgeCommit message (Expand)Author
2023-05-21system: pam: Change 'stop' method to return #f....When the 'stop' method returns a truth value, shepherd interprets it as potential failure and logs it. * gnu/system/pam.scm (pam-shepherd-service): Change 'stop' method to return #f. Ludovic Courtès
2023-05-11system: pam: Let PAM extensions add shepherd requirements....* gnu/system/pam.scm (<pam-extension>): New record type. (pam-shepherd-service): Add Shepherd synchronization point. * gnu/services/mail.scm (dovecot-shepherd-service) * gnu/services/lightdm.scm (lightdm-shepherd-service) * gnu/services/mail.scm (opensmtpd-shepherd-service) * gnu/services/sddm.scm (sddm-shepherd-service) * gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service) * gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service) * gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement. * gnu/system/pam.scm (/etc-entry, extend-configuration, pam-root-service-type, pam-root-service) * gnu/services/authentication.scm (pam-ldap-pam-service) * gnu/services/base.scm (pam-limits-service-type) (greetd-pam-service) * gnu/services/desktop.scm (pam-gnome-keyring) * gnu/services/kerberos.scm (pam-krb5-pam-service) * gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use pam-extension. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Josselin Poiret
2022-02-10gnu: linux-pam: Change path to unix_chkpwd helper....* gnu/packages/patches/linux-pam-unix_chkpwd.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/linux.scm (linux-pam): Use it. * gnu/system/pam.scm (pam-root-service-type): Add unix_chkpwd to setuid. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Andrew Tropin
2022-01-01system: Allow 'chfn' to change the user's full name....Fixes <https://issues.guix.gnu.org/52539>. Reported by Jacob First <jacob.first@member.fsf.org>. * gnu/build/accounts.scm (allocate-passwd): Add comment as to why 'real-name' is taken from PREVIOUS. Add (not system?) to the condition. * gnu/system.scm (operating-system-etc-service) <login.defs>: Add "CHFN_RESTRICT". * gnu/system.scm (%setuid-programs): Add "chfn". * gnu/system/pam.scm (base-pam-services): Add "chfn". * doc/guix.texi (User Accounts): Document it. Ludovic Courtès
2021-08-17services: slim: Add pam-gnupg support....* gnu/system/pam.scm (unix-pam-service): Add account and session PAM entries for pam-gnupg. Don't pass "#f" to "allow-root?" argument, because "lambda*" already does this by default. * doc/guix.texi (X Window): Document this. * gnu/services/xorg.scm (<slim-configuration>)[gnupg?]: New record field. (slim-pam-service): Pass "#:gnupg?" argument to "unix-pam-service". Oleg Pykhalov
2020-05-08services: Add descriptions....* gnu/services/dbus.scm (polkit-service-type)[description]: New field. * gnu/services/dict.scm (dicod-service-type)[description]: New field. * gnu/services/dns.scm (knot-service-type)[description]: New field. * gnu/services/networking.scm (dhcpd-service-type)[description]: New field. * gnu/services/shepherd.scm (shepherd-root-service-type)[description]: New field. * gnu/services/xorg.scm (slim-service-type)[description]: New field. (screen-locker-service-type)[description]: New field. * gnu/system/pam.scm (pam-root-service-type)[description]: New field. * gnu/system/shadow.scm (account-service-type)[description]: New field. Ludovic Courtès
2019-05-09system: pam: Add #:login-uid? parameter to 'unix-pam-service'....* gnu/system/pam.scm (unix-pam-service): Add #:login-uid? parameter. In then 'session' field, add "pam_loginuid.so" as required when LOGIN-UID? is true. Ludovic Courtès
2017-09-22services: Move 'session-environment-service-type' to pam.scm....* gnu/services/base.scm (environment-variables->environment-file) (session-environment-service-type) (session-environment-service): Move to... * gnu/system/pam.scm: ... here. Ludovic Courtès
2017-05-08system: Allow root to run "su" without password....* gnu/system/pam.scm (unix-pam-service): Add pam-entry for "pam_rootok.so" to auth field when ALLOW-ROOT? is #T. (base-pam-services): Allow root to run "su" without authentication. Ricardo Wurmus
2016-11-06gnu: Remove comment which is factually incorrect....* gnu/system/pam.scm: Remove incorrect comment. John Darrington
2016-07-19services: Add pam-limits-service....* gnu/system/pam.scm (<pam-limits-entry>): New record type. (pam-limits-entry, pam-limits-entry->string): New procedures. * gnu/services/base.scm (pam-limits-service-type): New variable. (pam-limits-service): New procedure. * doc/guix.texi (Base Services): Document it. Ricardo Wurmus
2016-02-06system: pam: 'pam-root-service-type' can be extended with transformations....* gnu/system/pam.scm (<pam-configuration>): New record type. (/etc-entry): Change 'services' parameter' to 'config'. Honor the 'transform' field of CONFIG. (extend-configuration): New procedure. (pam-root-service-type): Use EXTEND-CONFIGURATION as the 'extend' field. (pam-root-service): Add #:transform parameter. Service value is a <pam-configuration>. Ludovic Courtès
2016-02-06system: pam: Export accessors....* gnu/system/pam.scm: Export <pam-service> and <pam-entry> accessors. Ludovic Courtès
2015-12-05system: pam: Honor /etc/environment....* gnu/system/pam.scm (unix-pam-service): Add pam_env module to the session group. 宋文武
2015-11-03system: Rename (gnu system linux) to (gnu system pam)....* gnu/system/linux.scm: Rename to... * gnu/system/pam.scm: ... this. * gnu-system.am (GNU_SYSTEM_MODULES): Adjust accordingly. * gnu.scm, gnu/services/base.scm, gnu/services/desktop.scm, gnu/services/networking.scm, gnu/services/ssh.scm, gnu/services/xorg.scm, gnu/system.scm, gnu/system/vm.scm: Likewise. Ludovic Courtès
generated by cgit
it. * nix/libstore/store-api.hh (exportPaths): Likewise. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org> Maxime Devos 2022-09-11daemon: Remove unused function openStore....* nix/libstore/store-api.cc (openStore): Remove it. * nix/libstore/store-api.hh (openStore): Likewise. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org> Maxime Devos 2022-06-05daemon: Quote consistently within a string....* nix/libstore/build.cc (DerivationGoal::registerOutput): ‘’ → `'. Tobias Geerinckx-Rice 2022-05-29daemon: Clarify ‘--check’ error when outputs are missing....Drop the confusing ‘invalid’ jargon and display a hint like we do for ‘--fallback’. * nix/libstore/build.cc (DerivationGoal::outputsSubstituted): Rewrite error message. Tobias Geerinckx-Rice 2022-05-18daemon: runChild() is forbidden to talk during environment set up...DerivationGoal::startBuilder() is waiting for an empty line as a check that the environment set up is fine. Fixes <https://issues.guix.gnu.org/55324>. * nix/libstore/build.cc (DerivationGoal::runChild): Remove 'debug' statement corresponding to bind mounts. Signed-off-by: Ludovic Courtès <ludo@gnu.org> yarl-baudig@mailoo.org 2022-01-18daemon: Always default to gzip for log compression....* nix/libstore/globals.cc (Settings::Settings): Have 'logCompression' default to COMPRESSION_GZIP unconditionally. * gnu/services/base.scm (<guix-configuration>)[log-compression]: Default to 'gzip. * doc/guix.texi (Invoking guix-daemon, Base Services): Adjust accordingly. Ludovic Courtès 2021-11-27daemon: Print the line whence we expect an integer....* nix/libstore/local-store.cc (LocalStore::getLineFromSubstituter): Include the malformed substituter stream line in the error message. Tobias Geerinckx-Rice 2021-11-25daemon: Read substitute nar size as 'unsigned long long'....Fixes <https://issues.guix.gnu.org/46212>. Reported by Christopher Baines <mail@cbaines.net>. Previously, the nar size returned by 'guix substitute' would be read as an 'int'; thus, values above 2^31 - 1 would be read and then stored as negative integers in the database. Regression introduced in 9dfa20a22ae0be3d3b01a7b3d422af97428c627e. * nix/libstore/build.cc (SubstitutionGoal::finished): Use templatized 'string2Int' instead of 'std::atoi' to get an 'unsigned long long', which is the type of 'hash.second'. * tests/store.scm ("substitute and large size"): New test. Ludovic Courtès 2021-11-25daemon: Read unsigned nar size and download size from substituter....Fixes <https://issues.guix.gnu.org/51983>. Reported by Tobias Geerinckx-Rice <me@tobias.gr>. * nix/libstore/local-store.cc (LocalStore::querySubstitutablePathInfos): Expect 'unsigned long long' for 'downloadSize' and 'narSize'. * tests/store.scm ("substitute query and large size"): New test. Ludovic Courtès 2021-11-16daemon: Do not deduplicate files smaller than 8 KiB....Files smaller than 8 KiB typically represent ~70% of the entries in /gnu/store/.links but only contribute to ~4% of the space savings afforded by deduplication. Not considering these files for deduplication speeds up file insertion in the store and, more importantly, leaves 'removeUnusedLinks' with fewer entries to traverse, thereby speeding it up proportionally. Partly fixes <https://issues.guix.gnu.org/24937>. * config-daemon.ac: Remove symlink hard link check and CAN_LINK_SYMLINK definition. * guix/store/deduplication.scm (%deduplication-minimum-size): New variable. (deduplicate)[loop]: Do not recurse when FILE's size is below %DEDUPLICATION-MINIMUM-SIZE. (dump-port): New procedure. (dump-file/deduplicate)[hash]: Turn into... [dump-and-compute-hash]: ... this thunk. Call 'deduplicate' only when SIZE is greater than %DEDUPLICATION-MINIMUM-SIZE; otherwise call 'dump-port'. * nix/libstore/gc.cc (LocalStore::removeUnusedLinks): Drop files where st.st_size < deduplicationMinSize. * nix/libstore/local-store.hh (deduplicationMinSize): New declaration. * nix/libstore/optimise-store.cc (deduplicationMinSize): New variable. (LocalStore::optimisePath_): Return when PATH is a symlink or smaller than 'deduplicationMinSize'. * tests/derivations.scm ("identical files are deduplicated"): Produce files bigger than %DEDUPLICATION-MINIMUM-SIZE. * tests/nar.scm ("restore-file-set with directories (signed, valid)"): Likewise. * tests/store-deduplication.scm ("deduplicate, below %deduplication-minimum-size"): New test. ("deduplicate", "deduplicate, ENOSPC"): Produce files bigger than %DEDUPLICATION-MINIMUM-SIZE. * tests/store.scm ("substitute, deduplication"): Likewise. Ludovic Courtès