From 2df5d4fd18a2fbcb8066a50e2da8ec64635f5162 Mon Sep 17 00:00:00 2001 From: Josselin Poiret Date: Tue, 9 May 2023 18:45:07 +0200 Subject: system: pam: Let PAM extensions add shepherd requirements. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/system/pam.scm (): New record type. (pam-shepherd-service): Add Shepherd synchronization point. * gnu/services/mail.scm (dovecot-shepherd-service) * gnu/services/lightdm.scm (lightdm-shepherd-service) * gnu/services/mail.scm (opensmtpd-shepherd-service) * gnu/services/sddm.scm (sddm-shepherd-service) * gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service) * gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service) * gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement. * gnu/system/pam.scm (/etc-entry, extend-configuration, pam-root-service-type, pam-root-service) * gnu/services/authentication.scm (pam-ldap-pam-service) * gnu/services/base.scm (pam-limits-service-type) (greetd-pam-service) * gnu/services/desktop.scm (pam-gnome-keyring) * gnu/services/kerberos.scm (pam-krb5-pam-service) * gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use pam-extension. Signed-off-by: Ludovic Courtès --- gnu/services/base.scm | 54 +++++++++++++++++++++++++++------------------------ 1 file changed, 29 insertions(+), 25 deletions(-) (limited to 'gnu/services/base.scm') diff --git a/gnu/services/base.scm b/gnu/services/base.scm index a4005fc4fd..fdc2c8c764 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -1603,20 +1603,22 @@ information on the configuration file syntax." (define pam-limits-service-type (let ((pam-extension - (lambda (pam) - (let ((pam-limits (pam-entry - (control "required") - (module "pam_limits.so") - (arguments - '("conf=/etc/security/limits.conf"))))) - (if (member (pam-service-name pam) - '("login" "greetd" "su" "slim" "gdm-password" "sddm" - "sudo" "sshd")) - (pam-service - (inherit pam) - (session (cons pam-limits - (pam-service-session pam)))) - pam)))) + (pam-extension + (transformer + (lambda (pam) + (let ((pam-limits (pam-entry + (control "required") + (module "pam_limits.so") + (arguments + '("conf=/etc/security/limits.conf"))))) + (if (member (pam-service-name pam) + '("login" "greetd" "su" "slim" "gdm-password" + "sddm" "sudo" "sshd")) + (pam-service + (inherit pam) + (session (cons pam-limits + (pam-service-session pam)))) + pam)))))) ;; XXX: Using file-like objects is deprecated, use lists instead. ;; This is to be reduced into the list? case when the deprecated @@ -3264,16 +3266,18 @@ to handle." (greetd-allow-empty-passwords? config) #:motd (greetd-motd config)) - (lambda (pam) - (if (member (pam-service-name pam) - '("login" "greetd" "su" "slim" "gdm-password")) - (pam-service - (inherit pam) - (auth (append (pam-service-auth pam) - (list optional-pam-mount))) - (session (append (pam-service-session pam) - (list optional-pam-mount)))) - pam)))) + (pam-extension + (transformer + (lambda (pam) + (if (member (pam-service-name pam) + '("login" "greetd" "su" "slim" "gdm-password")) + (pam-service + (inherit pam) + (auth (append (pam-service-auth pam) + (list optional-pam-mount))) + (session (append (pam-service-session pam) + (list optional-pam-mount)))) + pam)))))) (define (greetd-shepherd-services config) (map @@ -3285,7 +3289,7 @@ to handle." (greetd-vt (greetd-terminal-vt tc))) (shepherd-service (documentation "Minimal and flexible login manager daemon") - (requirement '(user-processes host-name udev virtual-terminal)) + (requirement '(pam user-processes host-name udev virtual-terminal)) (provision (list (symbol-append 'term-tty (string->symbol (greetd-terminal-vt tc))))) -- cgit v1.2.3