gnu: shadow: Add record type for user accounts.

* gnu/system/shadow.scm (<user-account>): New record type.
  (passwd-file): Use it.
* gnu/system/vm.scm (system-qemu-image): Adjust accordingly.
Ludovic Courtès 2013-09-26 21:52:39 +02:00
parent c773aba870
commit bacadb026c
2 changed files with 35 additions and 7 deletions


@ -19,7 +19,18 @@
(define-module (gnu system shadow)
#:use-module (guix store)
#:use-module (ice-9 match)
#:export (passwd-file))
#:use-module (guix records)
#:export (user-account
user-account?
user-account-name
user-account-pass
user-account-uid
user-account-gid
user-account-comment
user-account-home-directory
user-account-shell
passwd-file))
;;; Commentary:
;;;
@ -27,16 +38,28 @@ (define-module (gnu system shadow)
;;;
;;; Code:
(define-record-type* <user-account>
user-account make-user-account
user-account?
(name user-account-name)
(password user-account-pass (default ""))
(uid user-account-uid)
(gid user-account-gid)
(comment user-account-comment (default ""))
(home-directory user-account-home-directory)
(shell user-account-shell (default "/bin/sh")))
(define* (passwd-file store accounts #:key shadow?)
"Return a password file for ACCOUNTS, a list of vectors as returned by
'getpwnam'. If SHADOW? is true, then it is a /etc/shadow file, otherwise it
is a /etc/passwd file."
"Return a password file for ACCOUNTS, a list of <user-account> objects. If
SHADOW? is true, then it is a /etc/shadow file, otherwise it is a /etc/passwd
file."
;; XXX: The resulting file is world-readable, so beware when SHADOW? is #t!
(define contents
(let loop ((accounts accounts)
(result '()))
(match accounts
((#(name pass uid gid comment home-dir shell) rest ...)
((($ <user-account> name pass uid gid comment home-dir shell)
rest ...)
(loop rest
(cons (if shadow?
(string-append name
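Review bot: The `(default "")` on the `password` field of `<user-account>` makes the passwordless case the silent default, because shadow(5) reads an empty password field as "no password required". A locked default, `(password user-account-pass (default "!"))`, would make passwordless login an explicit choice at the call site. How either branch of `passwd-file` writes the field is outside the hunk, so confirm it there. The field also has no comment saying whether it holds a hash or plaintext, which matters given the existing XXX about the file being world-readable; if a hash is the intent, `;; Hashed password in crypt(3) format, never plaintext.` above the field would settle it.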


@ -475,8 +475,13 @@ (define resolv.conf
(dmd-file (string-append (derivation->output-path dmd-drv)
"/bin/dmd"))
(dmd-conf (dmd-configuration-file store %dmd-services))
(accounts (list (vector "root" "" 0 0 "System administrator"
"/" bash-file)))
(accounts (list (user-account
(name "root")
(password "")
(uid 0) (gid 0)
(comment "System administrator")
(home-directory "/")
(shell bash-file))))
(passwd (passwd-file store accounts))
(shadow (passwd-file store accounts #:shadow? #t))
(group (add-text-to-store store "group"
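Review bot: The root account in `system-qemu-image` is built with `(password "")` and nothing on these lines says that an empty root password is deliberate. The value is carried over from the old vector, but now that accounts are declared through a reusable record this form is likely to be copied into other configurations. A comment above the `user-account` form, such as `;; Empty password: root logs in without one; presumably fine only for a throwaway VM image.`, would mark it as a conscious choice. The surrounding binding list starts and ends outside the hunk.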