From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id MBcCJdu48mJeDwEAbAwnHQ (envelope-from ) for ; Tue, 09 Aug 2022 21:43:23 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id eIgCJdu48mKIHAEA9RJhRA (envelope-from ) for ; Tue, 09 Aug 2022 21:43:23 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 28EC921A62 for ; Tue, 9 Aug 2022 21:43:23 +0200 (CEST) Received: from localhost ([::1]:55000 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oLV8L-0005Gu-Sk for larch@yhetil.org; Tue, 09 Aug 2022 15:43:21 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:48578) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oLV82-0005Fw-JL for guix-patches@gnu.org; Tue, 09 Aug 2022 15:43:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:55389) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oLV82-0001um-BE for guix-patches@gnu.org; Tue, 09 Aug 2022 15:43:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oLV82-0000hK-5m for guix-patches@gnu.org; Tue, 09 Aug 2022 15:43:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#56699] [PATCH v4] gnu: greetd-service-type: Add greeter-extra-groups config field. Resent-From: muradm Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 09 Aug 2022 19:43:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 56699 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Liliana Marie Prikler Cc: "\(" , 56699@debbugs.gnu.org Received: via spool by 56699-submit@debbugs.gnu.org id=B56699.16600741692662 (code B ref 56699); Tue, 09 Aug 2022 19:43:02 +0000 Received: (at 56699) by debbugs.gnu.org; 9 Aug 2022 19:42:49 +0000 Received: from localhost ([127.0.0.1]:45138 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oLV7o-0000gs-F5 for submit@debbugs.gnu.org; Tue, 09 Aug 2022 15:42:48 -0400 Received: from nomad-cl1.staging.muradm.net ([139.162.159.157]:33478 helo=nomad-cl1.muradm.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oLV7m-0000gd-55 for 56699@debbugs.gnu.org; Tue, 09 Aug 2022 15:42:47 -0400 Received: from localhost ([127.0.0.1]:40302) by nomad-cl1.muradm.net with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1oLV76-0002Pw-10; Tue, 09 Aug 2022 19:42:04 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=muradm.net; s=mail; h=Content-Type:MIME-Version:Message-ID:In-reply-to:Date:Subject:Cc:To :From:References:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=YWzLwADBfpakp/qSi41AVHxSenHDT0X+fp++3cWLXwU=; b=NSWxk/aKoNt0ieDxDO7wHr+qoh D82xcpvPdV5laj8nHCBV4rPxE9DmPRsN/RSqHgbfz4ej1fWxVMX3KA/J2M2Ga6lmRYAWHrdyMS74Z oB8JlAZu0J/KcJD4LYD4AGTUTrCcTEPSKdTocqaIKD8wNTl2Wh0bxdnN/IE7tD1xhj7tGGeIuWxS7 jI6Xt8ao0fZQmjGyvw+GpXulEbsLKRUs8E06Fj3MrPe3s4oedofeEoDh6J7hFIa+H0BphBeKl673J uc3UbBKkobZQtfvyLdwZfUqg+k7fMjLMblf5OYKKeEBhbsdCCfV2l+6oR6g65H02LKCuaRegskeV/ sgAM/kPFsmTp13j7Umb8/YmPVZ/ivdFUJFF2GwLCtvM6inA0QtBh8mHvrowdj2SqIWSdFIj03Ltw8 zkzdTY6AoKCd/F6xafj7IfAULsfNhQmzV8kozmXd9RBx+Qq1DDiiEvPjlo4OR6cISAyviHi/gFzMP Z90NespiuCtYG7c58u392s6r; Received: from muradm by localhost with local (Exim 4.96) (envelope-from ) id 1oLV7a-0007Ky-0p; Tue, 09 Aug 2022 22:42:34 +0300 References: <874jyn20et.fsf@muradm.net> <20220807214804.22323-1-mail@muradm.net> <1d138ba85a305947acc267d995179effd6be0edd.camel@ist.tugraz.at> <87edxqzg95.fsf@muradm.net> User-agent: mu4e 1.8.7; emacs 29.0.50 From: muradm Date: Tue, 09 Aug 2022 22:40:47 +0300 In-reply-to: Message-ID: <8735e5yziu.fsf@muradm.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1660074203; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=YWzLwADBfpakp/qSi41AVHxSenHDT0X+fp++3cWLXwU=; b=FCcXAA8HtKwti7SnS6p/f9RnE4EehHolyPBQCOfJ+jyuJ5p3CbSOCfjaHBCyFVtD9ijuNG 9a7HsJqMp5HSblF6U1dGRoHnM9xebej84NxbHZLDXutJsvO5qR2jfwfZXtLTZspZAFbTMn 0oEXtu4J0nnY4nSWBNJVv8V/mDBr0/bBXlccZzLhbioFGw4zpBfShuh9Oe4ZBp0bIGIm0e dyDnpoLorI65IPUw34JPEN5n2xOLcPdamLrGYhKzkDDXJxthkVV7CUzxh0fUdiGf5xq9bq YNbEzYcOStxg+TQ6Lt5k6K/55W61SbdJyxXkhXk6nlTHVgxrCvThk/nkLK8wsg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1660074203; a=rsa-sha256; cv=none; b=p65JYXgf6R8ufST+kwBnoeM5QGYYGq+TJKYpmfmVsiQa0EPZMtWQsIPQ32lJ1fq6IGM8xp sODB3wld+BzVgEznFNKq8MK1xJ3KcSxVN3VfZHQ6b58jjqZPNs491cWp8ytkBheW8rjqmD QeOIleP4yWg7wcdpzc8ziV0SX9CTYsQi388mozEHhOQzM9wuVhOs/SScnM0vple0Luc27m /hqanAcHWDFP/KvztdQZZ1PcMb0gG/LOJmEEEdYidQWKxeqhEjgorVSZYSF54G3LSsT7eZ UzbUCnc0KS8Wr7yT+EZ5ple/tlAcg1p+IOcQ7RAQaioMQ0U61YY2N7ICpypQwA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=muradm.net header.s=mail header.b="NSWxk/aK"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -1.59 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=muradm.net header.s=mail header.b="NSWxk/aK"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 28EC921A62 X-Spam-Score: -1.59 X-Migadu-Scanner: scn0.migadu.com X-TUID: ZmWRDLFhxqVJ --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; format=flowed fixed --=-=-= Content-Type: text/x-patch Content-Disposition: inline; filename=v4-0001-gnu-greetd-service-type-Add-greeter-extra-groups-.patch Content-Transfer-Encoding: quoted-printable Content-Description: v4-0001-gnu-greetd-service-type-Add-greeter-extra-groups-.patch From=20d92efe5c5f26645513911ac11ec8876681768b4b Mon Sep 17 00:00:00 2001 From: muradm Date: Fri, 22 Jul 2022 14:28:57 +0300 Subject: [PATCH v4] gnu: greetd-service-type: Add greeter-extra-groups conf= ig field. To: 56699@debbugs.gnu.org * gnu/services/base.scm (greetd-service-type): Added configurable supplementary groups. [extensions]: Switching accounts-service-type from const to function. (): Added greeter-supplementary-groups field. (greetd-accounts-service): New variable, function returning list necessary accounts for accounts-service-type, including the greeter-supplementary-groups. (%greetd-accounts): Removed. * gnu/tests/desktop.scm (%minimal-services): Add test for greeter-supplementary-groups. * doc/guix.texi: Mention greeter-supplementary-groups field with example. =2D-- doc/guix.texi | 7 +++++++ gnu/services/base.scm | 24 +++++++++++------------- gnu/tests/desktop.scm | 7 +++++++ 3 files changed, 25 insertions(+), 13 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 896c830aeb..3f04a32f2d 100644 =2D-- a/doc/guix.texi +++ b/doc/guix.texi @@ -18554,6 +18554,13 @@ the 'root' account has just been created. @item @code{terminals} (default: @code{'()}) List of @code{greetd-terminal-configuration} per terminal for which @code{greetd} should be started. + +@item @code{greeter-supplementary-groups} (default: @code{'()}) +List of groups which should be added to @code{greeter} user. For instance: +@lisp +(greeter-supplementary-groups '("seat" "video")) +@end lisp +Note that, this example will fail if @code{seat} group does not exist. @end table @end deftp =20 diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 27eae75c46..251196b108 100644 =2D-- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -2918,17 +2918,6 @@ (define (make-greetd-terminal-configuration-file con= fig) "user =3D " default-session-user "\n" "command =3D " default-session-command "\n"))) =20 =2D(define %greetd-accounts =2D (list (user-account =2D (name "greeter") =2D (group "greeter") =2D ;; video group is required for graphical greeters. =2D (supplementary-groups '("video")) =2D (system? #t)) =2D (user-group =2D (name "greeter") =2D (system? #t)))) =2D (define %greetd-file-systems (list (file-system (device "none") @@ -2956,7 +2945,16 @@ (define-record-type* greetd-configuration? (motd greetd-motd (default %default-motd)) (allow-empty-passwords? greetd-allow-empty-passwords? (default #t)) =2D (terminals greetd-terminals (default '()))) + (terminals greetd-terminals (default '())) + (greeter-supplementary-groups greetd-greeter-supplementary-groups (defau= lt '()))) + +(define (greetd-accounts-service config) + (list (user-group (name "greeter") (system? #t)) + (user-account + (name "greeter") + (group "greeter") + (supplementary-groups (greetd-greeter-supplementary-groups config= )) + (system? #t)))) =20 (define (make-greetd-pam-mount-conf-file config) (computed-file @@ -3033,7 +3031,7 @@ (define greetd-service-type login manager daemon.") (extensions (list =2D (service-extension account-service-type (const %greetd-accounts)) + (service-extension account-service-type greetd-accounts-service) (service-extension file-system-service-type (const %greetd-file-syste= ms)) (service-extension etc-service-type greetd-etc-service) (service-extension pam-root-service-type greetd-pam-service) diff --git a/gnu/tests/desktop.scm b/gnu/tests/desktop.scm index 25971f9225..f20423f0aa 100644 =2D-- a/gnu/tests/desktop.scm +++ b/gnu/tests/desktop.scm @@ -122,6 +122,7 @@ (define %minimal-services (service seatd-service-type) (service greetd-service-type (greetd-configuration + (greeter-supplementary-groups '("input" "video")) (terminals (list ;; we can make any terminal active by default @@ -286,6 +287,12 @@ (define (greetd-pid-to-sock pid) (marionette-type "echo alice > /run/user/1000/test\n" marion= ette) (file-get-all-strings "/run/user/1000/test"))) =20 + (test-equal "check greeter user has correct groups" + "greeter input video\n" + (begin + (marionette-type "id -Gn greeter > /run/user/1000/greeter-gr= oups\n" marionette) + (file-get-all-strings "/run/user/1000/greeter-groups"))) + (test-assert "screendump" (begin (marionette-control (string-append "screendump " #$output =2D-=20 2.37.1 --=-=-= Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Liliana Marie Prikler writes: > Am Montag, dem 08.08.2022 um 22:27 +0300 schrieb muradm: >> >> Liliana Marie Prikler writes: >> >> > Am Montag, dem 08.08.2022 um 00:48 +0300 schrieb muradm: >> > > --- >> > > =C2=A0doc/guix.texi=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 = |=C2=A0 8 ++++++++ >> > > =C2=A0gnu/services/base.scm | 24 +++++++++++------------- >> > > =C2=A0gnu/tests/desktop.scm |=C2=A0 7 +++++++ >> > > =C2=A03 files changed, 26 insertions(+), 13 deletions(-) >> > > >> > > diff --git a/doc/guix.texi b/doc/guix.texi >> > > index 21cee4e369..2b09bea3b0 100644 >> > > --- a/doc/guix.texi >> > > +++ b/doc/guix.texi >> > > @@ -18509,6 +18509,14 @@ the 'root' account has just been >> > > created. >> > > =C2=A0@item @code{terminals} (default: @code{'()}) >> > > =C2=A0List of @code{greetd-terminal-configuration} per terminal=20 >> > > for >> > > which >> > > =C2=A0@code{greetd} should be started. >> > > + >> > > +@item @code{greeter-groups} (default: @code{'()}) >> > > +List of groups which should be added to @code{greeter}=20 >> > > user. >> > > For >> > > instance: >> > > +@lisp >> > > +(greeter-groups '("seat" "video")) >> > > +@end lisp >> > > +Note that, however it will fail if=20 >> > > @code{seatd-service-type} >> > > is not >> > > present, >> > > +or to be more specific, @code{seat} group is not present. >> > Note that this example will fail if the @code{seat} group=20 >> > does >> > not exist. >> Which is stated right on the next line. > In a convoluted way. "Note that this example will fail if the > @code{seat} group does not exist." is imho easier on the reader. > > Cheers --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEESPY5lma9A9l5HGLP6M7O0mLOBeIFAmLyuKkACgkQ6M7O0mLO BeLNphAAuMlTmTNEr7TMRg4H8IjukSoamQAzk0/UZQiPkWNrPlVIH4gijCKEwbcQ MYxYR/YBZyRnrNlwhkha4wBYkVBPBnMEWdWcc089lNpMMAUcjiXa7QbsPrQ2htoa XgR0iE5PuFN7S82hW42bgu4lEV1F5ii2gy0mixt8bcYWtiNCJHg67/oQFSeB8fbM D5Ysyb3U/p0kWzFDnTxgAdnYw9ihAzfoMvbvEpCuOt7HKU/+fBkUAcfDAeH0sA/B SwmWlcwx/oKCbxv+YYv8BZPMC63dbDTvRLYDX6KBAAArrxm/zSmmsy/R7aMBqPeU syKi0SIjNE7flvpncCoXmTRUTaDsEMbTys2oD+p0D6D1jnlyNOKSvoIZh0QpLEii /mEylYFASD63Quml0Ck2rnxgKv0LN/Vnc9qix3SgvK/4nwY27vjDRjNFNJkFbfMs xlFKryu7gQSisnO3RsSH7gXl/LVWcUXLeZeD03Dh0bZfYrnfHNSY++CONm+x+BRt kOx8xKstq/4I8m4Q2j7n14E6KYkgBgEx8bWCWfeoMYuihEd3dCKlmF4POaISo1+t DVdUPpxl0+znqdQBcApyrYit5wK65ZbhPrcKFmvpTdVYAKBxSgauxqIw7WnzEgwZ /JWYEMHE78dLTD2OYMJQhA9YKuXddYwKxFCutgv5PNcetu/ddSg= =sQB+ -----END PGP SIGNATURE----- --==-=-=--