services: network-manager: Create account for 'network-manager-openconnect'.

Previously, on startup, we'd see: dbus: Unknown username nm-openconnect in message bus configuration file This fixes it. * gnu/services/networking.scm (network-manager-accounts): New procedure. (network-manager-service-type): Extend 'account-service-type'. * gnu/packages/gnome.scm (network-manager-openconnect)[properties]: Add 'user-accounts'.
2019-10-18 23:12:35 +02:00 · 2019-10-18 23:12:35 +02:00 · e52b953434
parent 4e37cf35c0
commit e52b953434
2 changed files with 36 additions and 1 deletions
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@ -5635,7 +5635,12 @@ (define-public network-manager-openconnect
 to @acronym{VPNs, virtual private networks} via OpenConnect, an open client for
 Cisco's AnyConnect SSL VPN.")
    (license license:gpl2+)
-    (properties `((upstream-name . "NetworkManager-openconnect")))))
+    (properties `((upstream-name . "NetworkManager-openconnect")
+
+                  ;; The 'etc/dbus-1/system.d/nm-openconnect-service.conf'
+                  ;; file refers to account "nm-openconnect".  Specify it here
+                  ;; so that 'network-manager-service-type' creates it.
+                  (user-accounts . ("nm-openconnect"))))))

 (define-public mobile-broadband-provider-info
  (package
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@ -51,6 +51,7 @@ (define-module (gnu services networking)
  #:use-module (guix gexp)
  #:use-module (guix records)
  #:use-module (guix modules)
+  #:use-module (guix packages)
  #:use-module (guix deprecation)
  #:use-module (rnrs enums)
  #:use-module (srfi srfi-1)
@ -1006,6 +1007,33 @@ (define (vpn-plugin-directory plugins)
  "Return a directory containing PLUGINS, the NM VPN plugins."
  (directory-union "network-manager-vpn-plugins" plugins))

+(define (network-manager-accounts config)
+  "Return the list of <user-account> and <user-group> for CONFIG."
+  (define nologin
+    (file-append shadow "/sbin/nologin"))
+
+  (define accounts
+    (append-map (lambda (package)
+                  (map (lambda (name)
+                         (user-account (system? #t)
+                                       (name name)
+                                       (group "network-manager")
+                                       (comment "NetworkManager helper")
+                                       (home-directory "/var/empty")
+                                       (create-home-directory? #f)
+                                       (shell nologin)))
+                       (or (assoc-ref (package-properties package)
+                                      'user-accounts)
+                           '())))
+                (network-manager-configuration-vpn-plugins config)))
+
+  (match accounts
+    (()
+     '())
+    (_
+     (cons (user-group (name "network-manager") (system? #t))
+           accounts))))
+
 (define network-manager-environment
  (match-lambda
    (($ <network-manager-configuration> network-manager dns vpn-plugins)
@ -1055,6 +1083,8 @@ (define network-manager-service-type
                               (compose
                                list
                                network-manager-configuration-network-manager))
+            (service-extension account-service-type
+                               network-manager-accounts)
            (service-extension activation-service-type
                               network-manager-activation)
            (service-extension session-environment-service-type