gnu: Add polkit service.
* gnu/services/desktop.scm (polkit-service): New function. (%desktop-services): Add polkit service.
This commit is contained in:
parent
3f130e42e0
commit
0071c7894e
1 changed files with 46 additions and 5 deletions
|
@ -24,12 +24,14 @@ (define-module (gnu services desktop)
|
|||
#:use-module (gnu services xorg)
|
||||
#:use-module (gnu services networking)
|
||||
#:use-module (gnu system shadow)
|
||||
#:use-module (gnu system linux) ; unix-pam-service
|
||||
#:use-module (gnu packages glib)
|
||||
#:use-module (gnu packages admin)
|
||||
#:use-module (gnu packages freedesktop)
|
||||
#:use-module (gnu packages gnome)
|
||||
#:use-module (gnu packages avahi)
|
||||
#:use-module (gnu packages wicd)
|
||||
#:use-module (gnu packages polkit)
|
||||
#:use-module (guix monads)
|
||||
#:use-module (guix records)
|
||||
#:use-module (guix store)
|
||||
|
@ -41,6 +43,7 @@ (define-module (gnu services desktop)
|
|||
geoclue-application
|
||||
%standard-geoclue-applications
|
||||
geoclue-service
|
||||
polkit-service
|
||||
elogind-configuration
|
||||
elogind-service
|
||||
%desktop-services))
|
||||
|
@ -376,6 +379,42 @@ (define* (geoclue-service #:key (geoclue geoclue)
|
|||
(shell
|
||||
"/run/current-system/profile/sbin/nologin"))))))))
|
||||
|
||||
|
||||
;;;
|
||||
;;; Polkit privilege management service.
|
||||
;;;
|
||||
|
||||
(define* (polkit-service #:key (polkit polkit))
|
||||
"Return a service that runs the @command{polkit} privilege management
|
||||
service. By querying the @command{polkit} service, a privileged system
|
||||
component can know when it should grant additional capabilities to ordinary
|
||||
users. For example, an ordinary user can be granted the capability to suspend
|
||||
the system if the user is logged in locally."
|
||||
(with-monad %store-monad
|
||||
(return
|
||||
(service
|
||||
(documentation "Run the polkit privilege management service.")
|
||||
(provision '(polkit-daemon))
|
||||
(requirement '(dbus-system))
|
||||
|
||||
(start #~(make-forkexec-constructor
|
||||
(list (string-append #$polkit "/lib/polkit-1/polkitd"))))
|
||||
(stop #~(make-kill-destructor))
|
||||
|
||||
(user-groups (list (user-group
|
||||
(name "polkitd")
|
||||
(system? #t))))
|
||||
(user-accounts (list (user-account
|
||||
(name "polkitd")
|
||||
(group "polkitd")
|
||||
(system? #t)
|
||||
(comment "Polkit daemon user")
|
||||
(home-directory "/var/empty")
|
||||
(shell
|
||||
"/run/current-system/profile/sbin/nologin"))))
|
||||
|
||||
(pam-services (list (unix-pam-service "polkit-1")))))))
|
||||
|
||||
|
||||
;;;
|
||||
;;; Elogind login and seat management service.
|
||||
|
@ -540,14 +579,16 @@ (define %desktop-services
|
|||
(avahi-service)
|
||||
(wicd-service)
|
||||
(upower-service)
|
||||
;; FIXME: The colord and geoclue services could all be bus-activated
|
||||
;; by default, so they don't run at program startup. However, user
|
||||
;; creation and /var/lib.colord creation happen at service activation
|
||||
;; time, so we currently add them to the set of default services.
|
||||
;; FIXME: The colord, geoclue, and polkit services could all be
|
||||
;; bus-activated by default, so they don't run at program startup.
|
||||
;; However, user creation and /var/lib/colord creation happen at
|
||||
;; service activation time, so we currently add them to the set of
|
||||
;; default services.
|
||||
(colord-service)
|
||||
(geoclue-service)
|
||||
(polkit-service)
|
||||
(elogind-service)
|
||||
(dbus-service (list avahi wicd upower colord geoclue elogind))
|
||||
(dbus-service (list avahi wicd upower colord geoclue polkit elogind))
|
||||
|
||||
(ntp-service)
|
||||
|
||||
|
|
Loading…
Reference in a new issue