guix/gnu/services
muradm f4f5ee6ad6
services: screen-locker-service-type: Configurable PAM and setuid.
screen-locker-service-type by default does both define PAM entry
and make program setuid binary. Normally both methods are
mutually exclusive, if binary has setuid set it does not really
needs PAM, otherway around also similar, if PAM is enabled
binary should not relay on setuid.

Recent swaylock package now compiled with PAM support. When PAM
support is compiled in, swaylock rejects executing if binary is
also setuid program.

This change turns screen-locker-configuration from strict
PAM AND setuid to more flexible PAM AND/OR setuid. Allowing
swaylock to be configured properly while supporting other
screen locker preferences.

* gnu/services/xorg.scm (screen-locker-configuration): Switch from
define-record-type to define-configuration.
[using-pam?]: New field to control PAM entry existence.
[using-setuid?]: New field to control setuid binary existence.
(screen-locker-pam-services): Should not make unix-pam-service if
using-pam? is set to #f.
(screen-locker-setuid-programs): Should not make program setuid
program if using-setuid? is set to #f.
(screen-locker-generate-doc): Internal function to generate
configuration documentation.
(screen-locker-service): Adapt to new screen-locker-configuration.
* gnu/services/desktop.scm (desktop-services-for-system): Adapt to
new screen-locker-configuration.
* doc/guix.texi: Reflect new changes to screen-locker-configuration.

Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>
2023-06-04 10:33:55 +02:00
..
admin.scm
audio.scm
auditd.scm
authentication.scm system: pam: Let PAM extensions add shepherd requirements. 2023-05-11 13:21:45 +02:00
avahi.scm
base.scm services: guix: Depend on 'avahi-daemon' when 'discover?' is set. 2023-05-24 15:04:00 +02:00
certbot.scm
cgit.scm
ci.scm
configuration.scm
cuirass.scm
cups.scm services: cups: Add cups PAM service. 2023-05-23 20:26:19 -04:00
databases.scm
dbus.scm
desktop.scm services: screen-locker-service-type: Configurable PAM and setuid. 2023-06-04 10:33:55 +02:00
dict.scm services: Transient inetd services inherit requirements. 2023-05-21 01:04:39 +02:00
dns.scm
docker.scm
file-sharing.scm
games.scm
ganeti.scm
getmail.scm
guix.scm services: nar-herder: Support extra environment vars. 2023-05-13 11:26:37 +01:00
herd.scm services: herd: "Resolve" transient services only when needed. 2023-05-30 00:15:29 +02:00
hurd.scm
kerberos.scm system: pam: Let PAM extensions add shepherd requirements. 2023-05-11 13:21:45 +02:00
ldap.scm
lightdm.scm system: pam: Let PAM extensions add shepherd requirements. 2023-05-11 13:21:45 +02:00
linux.scm
lirc.scm
mail.scm system: pam: Let PAM extensions add shepherd requirements. 2023-05-11 13:21:45 +02:00
mcron.scm
messaging.scm services: Transient inetd services inherit requirements. 2023-05-21 01:04:39 +02:00
monitoring.scm services: Add vnstat-service-type. 2023-05-11 16:38:29 +02:00
networking.scm services: inetd: Export accessors. 2023-05-11 16:38:29 +02:00
nfs.scm
nix.scm
pam-mount.scm system: pam: Let PAM extensions add shepherd requirements. 2023-05-11 13:21:45 +02:00
pm.scm
rsync.scm services: rsync: Use least authority wrapper. 2023-05-18 23:11:19 -04:00
samba.scm
science.scm
sddm.scm system: pam: Let PAM extensions add shepherd requirements. 2023-05-11 13:21:45 +02:00
security-token.scm
security.scm
shepherd.scm services: shepherd: Default to 0.10. 2023-05-13 16:27:55 +02:00
sound.scm
spice.scm
ssh.scm services: Transient inetd services inherit requirements. 2023-05-21 01:04:39 +02:00
syncthing.scm
sysctl.scm
telephony.scm
version-control.scm
virtualization.scm service: qemu-binfmt: Remove broken qemu targets. 2023-05-09 17:27:49 +03:00
vnc.scm services: Transient inetd services inherit requirements. 2023-05-21 01:04:39 +02:00
vpn.scm
web.scm
xorg.scm services: screen-locker-service-type: Configurable PAM and setuid. 2023-06-04 10:33:55 +02:00