;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . (define-module (gnu system accounts) #:use-module (guix records) #:use-module (ice-9 match) #:export (user-account user-account? user-account-name user-account-password user-account-uid user-account-group user-account-supplementary-groups user-account-comment user-account-home-directory user-account-create-home-directory? user-account-shell user-account-system? user-group user-group? user-group-name user-group-password user-group-id user-group-system? sexp->user-account sexp->user-group default-shell)) ;;; Commentary: ;;; ;;; Data structures representing user accounts and user groups. This is meant ;;; to be used both on the host side and at run time--e.g., in activation ;;; snippets. ;;; ;;; Code: (define default-shell ;; Default shell for user accounts (a string or string-valued gexp). (make-parameter "/bin/sh")) (define-record-type* user-account make-user-account user-account? (name user-account-name) (password user-account-password (default #f)) (uid user-account-uid (default #f)) (group user-account-group) ; number | string (supplementary-groups user-account-supplementary-groups (default '())) ; list of strings (comment user-account-comment (default "")) (home-directory user-account-home-directory (thunked) (default (default-home-directory this-record))) (create-home-directory? user-account-create-home-directory? ;Boolean (default #t)) (shell user-account-shell ; gexp (default (default-shell))) (system? user-account-system? ; Boolean (default #f))) (define-record-type* user-group make-user-group user-group? (name user-group-name) (password user-group-password (default #f)) (id user-group-id (default #f)) (system? user-group-system? ; Boolean (default #f))) (define (default-home-directory account) "Return the default home directory for ACCOUNT." (string-append "/home/" (user-account-name account))) (define (sexp->user-group sexp) "Take SEXP, a tuple as returned by 'user-group->gexp', and turn it into a user-group record." (match sexp ((name password id system?) (user-group (name name) (password password) (id id) (system? system?))))) (define (sexp->user-account sexp) "Take SEXP, a tuple as returned by 'user-account->gexp', and turn it into a user-account record." (match sexp ((name uid group supplementary-groups comment home-directory create-home-directory? shell password system?) (user-account (name name) (uid uid) (group group) (supplementary-groups supplementary-groups) (comment comment) (home-directory home-directory) (create-home-directory? create-home-directory?) (shell shell) (password password) (system? system?))))) pam-mount.scm: new file. * Makefile.am: add pam-mount tests * tests/services/pam-mount.scm: new tests Signed-off-by: Ludovic Courtès <ludo@gnu.org> 2023-05-11system: pam: Let PAM extensions add shepherd requirements.Josselin Poiret * gnu/system/pam.scm (<pam-extension>): New record type. (pam-shepherd-service): Add Shepherd synchronization point. * gnu/services/mail.scm (dovecot-shepherd-service) * gnu/services/lightdm.scm (lightdm-shepherd-service) * gnu/services/mail.scm (opensmtpd-shepherd-service) * gnu/services/sddm.scm (sddm-shepherd-service) * gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service) * gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service) * gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement. * gnu/system/pam.scm (/etc-entry, extend-configuration, pam-root-service-type, pam-root-service) * gnu/services/authentication.scm (pam-ldap-pam-service) * gnu/services/base.scm (pam-limits-service-type) (greetd-pam-service) * gnu/services/desktop.scm (pam-gnome-keyring) * gnu/services/kerberos.scm (pam-krb5-pam-service) * gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use pam-extension. Signed-off-by: Ludovic Courtès <ludo@gnu.org> 2022-06-17gnu: base: Add greetd-service-type.muradm * gnu/services/base.scm (greetd-service-type): New variable * gnu/services/base.scm (greetd-configuration): New data type * gnu/services/base.scm (greetd-terminal-configuration): New data type * gnu/services/base.scm (greetd-agreety-session): New data type * gnu/services/base.scm (pam-limits-service-type): Should be aware of greetd PAM service * gnu/services/pam-mount.scm (pam-mount-pam-service): Should be aware of greetd PAM service Signed-off-by: Lars-Dominik Braun <ldb@leibniz-psychology.org> 2022-01-17services: pam-mount: Add support for sddm login manager.Nick Zalutskiy I noticed that pam_mount mounts work fine when loging into a textual session, but not when using sddm. This patch fixes this problem by ensuring that pam_mount.so is included in /etc/pam.d/sddm config file. * gnu/services/pam-mount.scm (pam-mount-pam-service): Add sddm to the list of pam services. Signed-off-by: Guillaume Le Vaillant <glv@posteo.net>