summaryrefslogtreecommitdiff
path: root/gnu/system/linux.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/system/linux.scm')
-rw-r--r--gnu/system/linux.scm49
1 files changed, 33 insertions, 16 deletions
diff --git a/gnu/system/linux.scm b/gnu/system/linux.scm
index 7461a4a61f..cd14bc97be 100644
--- a/gnu/system/linux.scm
+++ b/gnu/system/linux.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -17,11 +17,10 @@
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu system linux)
- #:use-module (guix store)
#:use-module (guix records)
#:use-module (guix derivations)
- #:use-module (guix monads)
#:use-module (guix gexp)
+ #:use-module (gnu services)
#:use-module (ice-9 match)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
@@ -30,7 +29,10 @@
pam-entry
pam-services->directory
unix-pam-service
- base-pam-services))
+ base-pam-services
+
+ pam-root-service-type
+ pam-root-service))
;;; Commentary:
;;;
@@ -86,18 +88,13 @@ dumped in /etc/pam.d/NAME, where NAME is the name of SERVICE."
(map (cut entry->gexp "session" <>) session))
#t))))
- (gexp->derivation name builder))))
+ (computed-file name builder))))
(define (pam-services->directory services)
"Return the derivation to build the configuration directory to be used as
/etc/pam.d for SERVICES."
- (mlet %store-monad
- ((names -> (map pam-service-name services))
- (files (sequence %store-monad
- (map pam-service->configuration
- ;; XXX: Eventually, SERVICES may be a list of
- ;; monadic values instead of plain values.
- services))))
+ (let ((names (map pam-service-name services))
+ (files (map pam-service->configuration services)))
(define builder
#~(begin
(use-modules (ice-9 match)
@@ -105,8 +102,8 @@ dumped in /etc/pam.d/NAME, where NAME is the name of SERVICE."
(mkdir #$output)
(for-each (match-lambda
- ((name file)
- (symlink file (string-append #$output "/" name))))
+ ((name file)
+ (symlink file (string-append #$output "/" name))))
;; Since <pam-service> objects cannot be compared with
;; 'equal?' since they contain gexps, which contain
@@ -114,7 +111,7 @@ dumped in /etc/pam.d/NAME, where NAME is the name of SERVICE."
;; instead. See <http://bugs.gnu.org/20037>.
(delete-duplicates '#$(zip names files)))))
- (gexp->derivation "pam.d" builder)))
+ (computed-file "pam.d" builder)))
(define %pam-other-services
;; The "other" PAM configuration, which denies everything (see
@@ -136,7 +133,7 @@ dumped in /etc/pam.d/NAME, where NAME is the name of SERVICE."
(lambda* (name #:key allow-empty-passwords? motd)
"Return a standard Unix-style PAM service for NAME. When
ALLOW-EMPTY-PASSWORDS? is true, allow empty passwords. When MOTD is true, it
-should be the name of a file used as the message-of-the-day."
+should be a file-like object used as the message-of-the-day."
;; See <http://www.linux-pam.org/Linux-PAM-html/sag-configuration-example.html>.
(let ((name* name))
(pam-service
@@ -195,4 +192,24 @@ authenticate to run COMMAND."
'("useradd" "userdel" "usermod"
"groupadd" "groupdel" "groupmod"))))
+
+;;;
+;;; PAM root service.
+;;;
+
+(define (/etc-entry services)
+ `(("pam.d" ,(pam-services->directory services))))
+
+(define pam-root-service-type
+ (service-type (name 'pam)
+ (extensions (list (service-extension etc-service-type
+ /etc-entry)))
+ (compose concatenate)
+ (extend append)))
+
+(define (pam-root-service base)
+ "The \"root\" PAM service, which collects <pam-service> instance and turns
+them into a /etc/pam.d directory, including the <pam-service> listed in BASE."
+ (service pam-root-service-type base))
+
;;; linux.scm ends here
generated by cgit v1.2.3 (git 2.47.1) at 2025-01-15 20:29:28 +0000