From: "Ludovic Courtès" <ludo@gnu.org>
To: Josselin Poiret <dev@jpoiret.xyz>
Cc: 63314@debbugs.gnu.org
Subject: [bug#63314] [PATCH v2 1/2] system: pam: Let PAM extensions add shepherd requirements.
Date: Thu, 11 May 2023 13:15:42 +0200 [thread overview]
Message-ID: <8735435db5.fsf@gnu.org> (raw)
In-Reply-To: <9371fcad4037f991a3c003f550c8c080f15271f6.1683650554.git.dev@jpoiret.xyz> (Josselin Poiret's message of "Tue, 9 May 2023 18:45:07 +0200")
[-- Attachment #1: Type: text/plain, Size: 1135 bytes --]
Hi,
Josselin Poiret <dev@jpoiret.xyz> skribis:
> From: Josselin Poiret <dev@jpoiret.xyz>
>
> * gnu/system/pam.scm (<pam-extension>): New record type.
> (pam-shepherd-service): Add Shepherd synchronization point.
>
> * gnu/services/mail.scm (dovecot-shepherd-service)
> * gnu/services/lightdm.scm (lightdm-shepherd-service)
> * gnu/services/mail.scm (opensmtpd-shepherd-service)
> * gnu/services/sddm.scm (sddm-shepherd-service)
> * gnu/services/ssh.scm (lsh-shepherd-service, openssh-shepherd-service)
> * gnu/services/xorg.scm (slim-shepherd-service, gdm-shepherd-service)
> * gnu/services/base.scm (greetd-shepherd-services): Add PAM requirement.
>
> * gnu/system/pam.scm (/etc-entry, extend-configuration,
> pam-root-service-type, pam-root-service)
> * gnu/services/authentication.scm (pam-ldap-pam-service)
> * gnu/services/base.scm (pam-limits-service-type)
> (greetd-pam-service)
> * gnu/services/desktop.scm (pam-gnome-keyring)
> * gnu/services/kerberos.scm (pam-krb5-pam-service)
> * gnu/services/pam-mount.scm (pam-mount-pam-service): Adapt to use
> pam-extension.
Excellent! I committed with the cosmetic changes below:
[-- Attachment #2: Type: text/x-patch, Size: 2608 bytes --]
diff --git a/gnu/system/pam.scm b/gnu/system/pam.scm
index f624064999..adc40c975f 100644
--- a/gnu/system/pam.scm
+++ b/gnu/system/pam.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013-2017, 2019-2021 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2023 Josselin Poiret <dev@jpoiret.xyz>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -354,9 +355,9 @@ (define (session-environment-service vars)
;;; PAM root service.
;;;
-;; A PAM transformer consists of a procedure acting on each PAM entry, with an
-;; additional list of shepherd-requirements that the meta PAM shepherd service
-;; will depend on.
+;; Extension of the PAM configuration. A PAM transformer consists of a
+;; procedure acting on each PAM entry; 'shepherd-requirements' lists services
+;; that the meta 'pam' Shepherd service will depend on.
(define-record-type* <pam-extension>
pam-extension make-pam-extension pam-extension?
(transformer pam-extension-transformer)
@@ -380,12 +381,8 @@ (define (/etc-entry config)
"Return the /etc/pam.d entry corresponding to CONFIG."
(match config
(($ <pam-configuration> services transformers shepherd-requirements)
- (let ((services
- (map
- ;; XXX We need to add identity because compose expects at least
- ;; one argument for some reason.
- (apply compose (cons identity transformers))
- services)))
+ (let ((services (map (apply compose identity transformers)
+ services)))
`(("pam.d" ,(pam-services->directory services)))))))
(define (pam-shepherd-service config)
@@ -404,16 +401,15 @@ (define (extend-configuration initial extensions)
"Extend INITIAL with NEW."
;; TODO: Remove deprecation shim.
(define cleaned-extensions
- (map
- (lambda (ext)
- (cond
- ((procedure? ext)
- (begin
- (warning (G_ "pam-root-service-type transformer extensions should\
-now use the <pam-extension> record."))
- (pam-extension (transformer ext))))
- (#t ext)))
- extensions))
+ (map (lambda (ext)
+ (if (procedure? ext)
+ (begin
+ (warning (G_ "'pam-root-service-type' extensions should \
+now use the <pam-extension> record~%"))
+ (pam-extension (transformer ext)))
+ ext))
+ extensions))
+
(let-values (((services pam-extensions)
(partition pam-service? cleaned-extensions)))
(pam-configuration
[-- Attachment #3: Type: text/plain, Size: 12 bytes --]
Ludo’.
next prev parent reply other threads:[~2023-05-11 11:16 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-05 17:50 [bug#63314] [PATCH 0/2] Add PAM shepherd requirements Josselin Poiret via Guix-patches via
2023-05-05 17:51 ` [bug#63314] [PATCH 1/2] system: pam: Let PAM extenders add " Josselin Poiret via Guix-patches via
2023-05-08 9:45 ` [bug#63314] [PATCH 0/2] Add PAM " Ludovic Courtès
2023-05-09 16:45 ` [bug#63314] [PATCH v2 " Josselin Poiret via Guix-patches via
2023-05-09 16:45 ` [bug#63314] [PATCH v2 1/2] system: pam: Let PAM extensions add " Josselin Poiret via Guix-patches via
2023-05-11 11:15 ` Ludovic Courtès [this message]
2023-05-09 16:45 ` [bug#63314] [PATCH v2 2/2] services: elogind: Add elogind as a shepherd PAM requirement Josselin Poiret via Guix-patches via
2023-05-11 11:16 ` bug#63314: " Ludovic Courtès
2023-05-05 17:51 ` [bug#63314] [PATCH " Josselin Poiret via Guix-patches via
2023-05-08 9:46 ` [bug#63314] [PATCH 0/2] Add PAM shepherd requirements Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8735435db5.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=63314@debbugs.gnu.org \
--cc=dev@jpoiret.xyz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).