diff options
author | Ludovic Courtès <ludo@gnu.org> | 2016-02-06 11:57:54 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2016-02-06 12:01:42 +0100 |
commit | e7ad0d586251383a4c8b00222e8dec61d491f03b (patch) | |
tree | 83965a3efa3b53c720e9104420187eeca93b9ee8 /gnu | |
parent | 12c00bca92e3eef2b86565924bbefc39397b5497 (diff) |
services: elogind: Extend PAM to use 'pam_elogind.so'.
Thanks to Andy Wingo <wingo@igalia.com> for explaining this at
<https://lists.gnu.org/archive/html/guix-devel/2015-08/msg00439.html>.
* gnu/services/desktop.scm (pam-extension-procedure): New procedure.
(elogind-service-type): Extend PAM-ROOT-SERVICE-TYPE.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/services/desktop.scm | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index 36e336f5ca..e4f0736b89 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -664,6 +664,22 @@ include the @command{udisksctl} command, part of UDisks, and GNOME Disks." (list (string-append "ELOGIND_CONF_FILE=" #$config-file)))) (stop #~(make-kill-destructor)))))) +(define (pam-extension-procedure config) + "Return an extension for PAM-ROOT-SERVICE-TYPE that ensures that all the PAM +services use 'pam_elogind.so', a module that allows elogind to keep track of +logged-in users (run 'loginctl' to see elogind's world view of users and +seats.)" + (define pam-elogind + (pam-entry + (control "required") + (module #~(string-append #$(elogind-package config) + "/lib/security/pam_elogind.so")))) + + (list (lambda (pam) + (pam-service + (inherit pam) + (session (cons pam-elogind (pam-service-session pam))))))) + (define elogind-service-type (service-type (name 'elogind) (extensions @@ -680,8 +696,9 @@ include the @command{udisksctl} command, part of UDisks, and GNOME Disks." (service-extension profile-service-type (compose list elogind-package)) - ;; TODO: Extend PAM with pam_elogind.so. - )))) + ;; Extend PAM with pam_elogind.so. + (service-extension pam-root-service-type + pam-extension-procedure))))) (define* (elogind-service #:key (config (elogind-configuration))) "Return a service that runs the @command{elogind} login and seat management |