From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andy Wingo Subject: Re: [PATCHES] Get elogind-service working as intended Date: Fri, 04 Sep 2015 09:57:45 +0200 Message-ID: <87d1xyk45i.fsf@igalia.com> References: <87a8t3mc2v.fsf@netris.org> Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:60720) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZXltF-0007xp-8n for guix-devel@gnu.org; Fri, 04 Sep 2015 03:58:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZXltC-0000Am-3J for guix-devel@gnu.org; Fri, 04 Sep 2015 03:58:29 -0400 Received: from pb-sasl0.int.icgroup.com ([208.72.237.25]:62216 helo=sasl.smtp.pobox.com) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZXltB-0008IZ-Sg for guix-devel@gnu.org; Fri, 04 Sep 2015 03:58:26 -0400 In-Reply-To: <87a8t3mc2v.fsf@netris.org> (Mark H. Weaver's message of "Thu, 03 Sep 2015 17:23:36 -0400") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: Mark H Weaver Cc: guix-devel@gnu.org On Thu 03 Sep 2015 23:23, Mark H Weaver writes: > These patches are needed to get Andy's elogind-service working as > intended, e.g. to allow things like suspend-on-lid-close and various > hot keys to work. > > I'm not really happy with any of these, so if someone wants to solve > these problems in a better way, please don't hesitate to do so :) > > Comments and suggestions welcome. Thanks for doing this! I suggest we apply, just to get things working, then work on expanding to have more fields. I can do that later this morning. I note also that there is still more work to do related to PAM. The problem is that there are services whose configuration should depend on the set of services. For example udev, which should add rules corresponding to the colord service, etc. Now one option would be to depend on on the set of services but on the set of packages in the system install. I agree with Mark that this is a bad idea because you don't want to have to audit a package before adding it to the system install. On the other hand if privileges like installing a udev rule are only accessible from services, that's easier to audit because there are fewer services. So then, for example, the elogind service would indicate that it installs udev rules, dbus interfaces, and polkit rules from the elogind package. The udev service would then query all services, adding rules from services that indicate that they extend the udev configuration. To do this I propose a "finalize-configuration" field in services. First, the services are collected into a list, as they are now. Next, Guix does something like this: (define (finalize-services services) (map (lambda (service) ((service-finalize service) service services)) services)) The default service-finalize will be (lambda (service services) service). WDYT? Cheers, Andy