mirror of
https://git.savannah.gnu.org/git/guix.git
synced 2025-01-19 05:57:04 +01:00
gnu: Add 'inputs' field to <user-account>; make 'shell' a monadic value.
* gnu/system/shadow.scm (<user-account>)[inputs]: New field. (passwd-file): Bind the 'shell' field of each account. * gnu/system/vm.scm (%demo-operating-system): Remove 'shell' field. * gnu/system/dmd.scm (guix-build-accounts): Store a monadic value in 'shell'. Add 'inputs' field. * gnu/system.scm (operating-system-derivation): Remove 'shell' field for 'root' account. Add all the 'user-account-inputs' to EXTRAS.
This commit is contained in:
parent
13ce0e3aa7
commit
78ed003811
4 changed files with 38 additions and 34 deletions
|
@ -281,8 +281,7 @@ (define (operating-system-derivation os)
|
|||
(password "")
|
||||
(uid 0) (gid 0)
|
||||
(comment "System administrator")
|
||||
(home-directory "/")
|
||||
(shell bash-file))
|
||||
(home-directory "/"))
|
||||
(append (operating-system-users os)
|
||||
(append-map service-user-accounts
|
||||
services))))
|
||||
|
@ -320,22 +319,22 @@ (define (operating-system-derivation os)
|
|||
(initrd initrd))))
|
||||
(grub.cfg (grub-configuration-file entries))
|
||||
(extras (links (delete-duplicates
|
||||
(append-map service-inputs services)))))
|
||||
(append (append-map service-inputs services)
|
||||
(append-map user-account-inputs accounts))))))
|
||||
(file-union `(("boot" ,boot)
|
||||
("kernel" ,kernel-dir)
|
||||
("initrd" ,initrd-file)
|
||||
("dmd.conf" ,dmd-conf)
|
||||
("bash" ,bash-file) ; XXX: should be a <user-account> input?
|
||||
("profile" ,profile)
|
||||
("grub.cfg" ,grub.cfg)
|
||||
("etc" ,etc)
|
||||
("service-inputs" ,(derivation->output-path extras)))
|
||||
("system-inputs" ,(derivation->output-path extras)))
|
||||
#:inputs `(("kernel" ,kernel)
|
||||
("initrd" ,initrd)
|
||||
("bash" ,bash)
|
||||
("profile" ,profile-drv)
|
||||
("etc" ,etc-drv)
|
||||
("service-inputs" ,extras))
|
||||
("system-inputs" ,extras))
|
||||
#:name "system")))
|
||||
|
||||
;;; system.scm ends here
|
||||
|
|
|
@ -181,18 +181,18 @@ (define* (guix-build-accounts count #:key
|
|||
(shadow shadow))
|
||||
"Return a list of COUNT user accounts for Guix build users, with UIDs
|
||||
starting at FIRST-UID, and under GID."
|
||||
(mlet* %store-monad ((gid* -> gid)
|
||||
(no-login (package-file shadow "sbin/nologin")))
|
||||
(with-monad %store-monad
|
||||
(return (unfold (cut > <> count)
|
||||
(lambda (n)
|
||||
(user-account
|
||||
(name (format #f "guixbuilder~2,'0d" n))
|
||||
(password "!")
|
||||
(uid (+ first-uid n -1))
|
||||
(gid gid*)
|
||||
(gid gid)
|
||||
(comment (format #f "Guix Build User ~2d" n))
|
||||
(home-directory "/var/empty")
|
||||
(shell no-login)))
|
||||
(shell (package-file shadow "sbin/nologin"))
|
||||
(inputs `(("shadow" ,shadow)))))
|
||||
1+
|
||||
1))))
|
||||
|
||||
|
|
|
@ -23,6 +23,7 @@ (define-module (gnu system shadow)
|
|||
#:use-module (guix monads)
|
||||
#:use-module ((gnu packages system)
|
||||
#:select (shadow))
|
||||
#:use-module (gnu packages bash)
|
||||
#:use-module (srfi srfi-1)
|
||||
#:use-module (ice-9 match)
|
||||
#:export (user-account
|
||||
|
@ -34,6 +35,7 @@ (define-module (gnu system shadow)
|
|||
user-account-comment
|
||||
user-account-home-directory
|
||||
user-account-shell
|
||||
user-account-inputs
|
||||
|
||||
user-group
|
||||
user-group?
|
||||
|
@ -61,7 +63,9 @@ (define-record-type* <user-account>
|
|||
(gid user-account-gid)
|
||||
(comment user-account-comment (default ""))
|
||||
(home-directory user-account-home-directory)
|
||||
(shell user-account-shell (default "/bin/sh")))
|
||||
(shell user-account-shell ; monadic value
|
||||
(default (package-file bash "bin/bash")))
|
||||
(inputs user-account-inputs (default `(("bash" ,bash)))))
|
||||
|
||||
(define-record-type* <user-group>
|
||||
user-group make-user-group
|
||||
|
@ -93,26 +97,29 @@ (define* (passwd-file accounts #:key shadow?)
|
|||
SHADOW? is true, then it is a /etc/shadow file, otherwise it is a /etc/passwd
|
||||
file."
|
||||
;; XXX: The resulting file is world-readable, so beware when SHADOW? is #t!
|
||||
(define contents
|
||||
(let loop ((accounts accounts)
|
||||
(result '()))
|
||||
(match accounts
|
||||
((($ <user-account> name pass uid gid comment home-dir shell)
|
||||
rest ...)
|
||||
(loop rest
|
||||
(cons (if shadow?
|
||||
(string-append name
|
||||
":" ; XXX: use (crypt PASS …)?
|
||||
":::::::")
|
||||
(string-append name
|
||||
":" "x"
|
||||
":" (number->string uid)
|
||||
":" (number->string gid)
|
||||
":" comment ":" home-dir ":" shell))
|
||||
result)))
|
||||
(()
|
||||
(string-join (reverse result) "\n" 'suffix)))))
|
||||
(define (contents)
|
||||
(with-monad %store-monad
|
||||
(let loop ((accounts accounts)
|
||||
(result '()))
|
||||
(match accounts
|
||||
((($ <user-account> name pass uid gid comment home-dir mshell)
|
||||
rest ...)
|
||||
(mlet %store-monad ((shell mshell))
|
||||
(loop rest
|
||||
(cons (if shadow?
|
||||
(string-append name
|
||||
":" ; XXX: use (crypt PASS …)?
|
||||
":::::::")
|
||||
(string-append name
|
||||
":" "x"
|
||||
":" (number->string uid)
|
||||
":" (number->string gid)
|
||||
":" comment ":" home-dir ":" shell))
|
||||
result))))
|
||||
(()
|
||||
(return (string-join (reverse result) "\n" 'suffix)))))))
|
||||
|
||||
(text-file (if shadow? "shadow" "passwd") contents))
|
||||
(mlet %store-monad ((contents (contents)))
|
||||
(text-file (if shadow? "shadow" "passwd") contents)))
|
||||
|
||||
;;; shadow.scm ends here
|
||||
|
|
|
@ -415,9 +415,7 @@ (define %demo-operating-system
|
|||
(password "")
|
||||
(uid 1000) (gid 100)
|
||||
(comment "Guest of GNU")
|
||||
(home-directory "/home/guest")
|
||||
;; (shell bash-file)
|
||||
)))
|
||||
(home-directory "/home/guest"))))
|
||||
(packages `(("coreutils" ,coreutils)
|
||||
("bash" ,bash)
|
||||
("guile" ,guile-2.0)
|
||||
|
|
Loading…
Reference in a new issue