emacs-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#56699: closed ([PATCH] gnu: greetd-service-type: Add greeter-extra-g

From: GNU bug Tracking System
Subject: bug#56699: closed ([PATCH] gnu: greetd-service-type: Add greeter-extra-groups config field.)
Date: Fri, 26 Aug 2022 17:07:02 +0000 
Your message dated Fri, 26 Aug 2022 19:06:14 +0200
with message-id <400cf1fed0d340398da6e2e0e32bebdb8fd842ef.camel@gmail.com>
and subject line Re: greeter user permissions are not enough to talk with seatd
has caused the debbugs.gnu.org bug report #56699,
regarding [PATCH] gnu: greetd-service-type: Add greeter-extra-groups config 
field.
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
56699: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=56699
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
--- Begin Message --- Subject: [PATCH] gnu: greetd-service-type: Add greeter-extra-groups config field. Date: Fri, 22 Jul 2022 14:45:01 +0300 
* gnu/services/base.scm (greetd-service-type): Added configurable groups.
[extensions]: Switching accounts-service-type from const to function.
(<greetd-configuration>): Added greeter-extra-groups field of type list.
(greetd-accounts-service): New variable, function returning list necessary
accounts for accounts-service-type, including the greeter-extra-groups.
(%greetd-accounts): Removed.
* doc/guix.texi: Mention greeter-extra-groups field with example.
---
 doc/guix.texi         |  8 ++++++++
 gnu/services/base.scm | 28 +++++++++++++++-------------
 2 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 3c5864ec1a..51678b7f19 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -18493,6 +18493,14 @@ the 'root' account has just been created.
 @item @code{terminals} (default: @code{'()})
 List of @code{greetd-terminal-configuration} per terminal for which
 @code{greetd} should be started.
+
+@item @code{greeter-extra-groups} (default: @code{'()})
+List of groups which should be added to @code{greeter} user. For instance:
+@lisp
+(greeter-extra-groups '("seat"))
+@end lisp
+Note that, however it will fail if @code{seatd-service-type} is not present,
+or to be more specific, @code{seat} group is not present.
 @end table
 @end deftp
 
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 27eae75c46..94c8dcac2a 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -2918,17 +2918,6 @@ (define (make-greetd-terminal-configuration-file config)
      "user = " default-session-user "\n"
      "command = " default-session-command "\n")))
 
-(define %greetd-accounts
-  (list (user-account
-         (name "greeter")
-         (group "greeter")
-         ;; video group is required for graphical greeters.
-         (supplementary-groups '("video"))
-         (system? #t))
-        (user-group
-         (name "greeter")
-         (system? #t))))
-
 (define %greetd-file-systems
   (list (file-system
           (device "none")
@@ -2956,7 +2945,20 @@ (define-record-type* <greetd-configuration>
   greetd-configuration?
   (motd greetd-motd (default %default-motd))
   (allow-empty-passwords? greetd-allow-empty-passwords? (default #t))
-  (terminals greetd-terminals (default '())))
+  (terminals greetd-terminals (default '()))
+  (greeter-extra-groups greetd-greeter-extra-groups (default '())))
+
+(define (greetd-accounts-service config)
+  (list (user-group (name "greeter") (system? #t))
+        (user-account
+         (name "greeter")
+         (group "greeter")
+         ;; video group is required for graphical greeters.
+         (supplementary-groups
+          (append
+           '("video")
+           (greetd-greeter-extra-groups config)))
+         (system? #t))))
 
 (define (make-greetd-pam-mount-conf-file config)
   (computed-file
@@ -3033,7 +3035,7 @@ (define greetd-service-type
 login manager daemon.")
    (extensions
     (list
-     (service-extension account-service-type (const %greetd-accounts))
+     (service-extension account-service-type greetd-accounts-service)
      (service-extension file-system-service-type (const %greetd-file-systems))
      (service-extension etc-service-type greetd-etc-service)
      (service-extension pam-root-service-type greetd-pam-service)
-- 
2.36.1

--- End Message ---
--- Begin Message --- Subject: Re: greeter user permissions are not enough to talk with seatd Date: Fri, 26 Aug 2022 19:06:14 +0200 User-agent: Evolution 3.42.1 
Am Donnerstag, dem 04.08.2022 um 12:45 +0300 schrieb muradm:
> * 56690 - gnu: seatd-service-type: Should use seat group.
> With this change, if seatd-service-type is present in the
> system configuration, "seat" group will be added, and seatd
> will run as root/seat. Group is configurable, but default is 
> "seat".
I made it so that by default the sanitizer is used to turn the string
"seat" into a group and used (ice-9 match), reducing some needless
redundancy.  I also reworded the manual to the best of my ability
following our conversations and adapted the commit message.

> * 56699 - gnu: greetd-service-type: Add greeter-extra-groups 
>   config field.
> With this change, if user wants to use seatd-service-type with
> greeter requiring seatd.sock, he can add "seat" group to
> greeter-extra-groups field.
I fixed some minor issue in the manual and reindented the marionette-
type in the tests, also reworded the commit message.

I didn't get the chance to run the system tests – some timeout causes
the marionette build to fail on my machine – but I verified
independently that at least the seatd socket has the right permissions.
I hope this will be enough for you to get gtkgreet running.

Cheers

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]