services: Add GNOME Keyring service.
* gnu/services/desktop.scm: (<gnome-keyring-configuration>): New record type. (pam-gnome-keyring): New procedure. (gnome-keyring-service-type): New variable. * doc/guix.texi (Desktop Services): Document it. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
parent
a6492178bd
commit
fe7b59c6b1
|
@ -15753,6 +15753,41 @@ bluetooth keyboard or mouse.
|
||||||
Users need to be in the @code{lp} group to access the D-Bus service.
|
Users need to be in the @code{lp} group to access the D-Bus service.
|
||||||
@end deffn
|
@end deffn
|
||||||
|
|
||||||
|
@defvr {Scheme Variable} gnome-keyring-service-type
|
||||||
|
This is the type of the service that adds the
|
||||||
|
@uref{https://wiki.gnome.org/Projects/GnomeKeyring, GNOME Keyring}. Its
|
||||||
|
value is a @code{gnome-keyring-configuration} object (see below.)
|
||||||
|
|
||||||
|
This service adds the @code{gnome-keyring} package to the system profile
|
||||||
|
and extends PAM with entries using @code{pam_gnome_keyring.so}, unlocking
|
||||||
|
a user's login keyring when they log in or setting its password with passwd.
|
||||||
|
@end defvr
|
||||||
|
|
||||||
|
@deftp {Data Type} gnome-keyring-configuration
|
||||||
|
Configuration record for the GNOME Keyring service.
|
||||||
|
|
||||||
|
@table @asis
|
||||||
|
@item @code{keyring} (default: @code{gnome-keyring})
|
||||||
|
The GNOME keyring package to use.
|
||||||
|
|
||||||
|
@item @code{pam-services}
|
||||||
|
A list of @code{(@var{service} . @var{kind})} pairs denoting PAM
|
||||||
|
services to extend, where @var{service} is the name of an existing
|
||||||
|
service to extend and @var{kind} is one of @code{login} or
|
||||||
|
@code{passwd}.
|
||||||
|
|
||||||
|
If @code{login} is given, it adds an optional
|
||||||
|
@code{pam_gnome_keyring.so} to the auth block without arguments and to
|
||||||
|
the session block with @code{auto_start}. If @code{passwd} is given, it
|
||||||
|
adds an optional @code{pam_gnome_keyring.so} to the password block
|
||||||
|
without arguments.
|
||||||
|
|
||||||
|
By default, this field contains ``gdm-password'' with the value @code{login}
|
||||||
|
and ``passwd'' is with the value @code{passwd}.
|
||||||
|
@end table
|
||||||
|
@end deftp
|
||||||
|
|
||||||
|
|
||||||
@node Sound Services
|
@node Sound Services
|
||||||
@subsection Sound Services
|
@subsection Sound Services
|
||||||
|
|
||||||
|
|
|
@ -137,6 +137,10 @@ (define-module (gnu services desktop)
|
||||||
|
|
||||||
polkit-wheel-service
|
polkit-wheel-service
|
||||||
|
|
||||||
|
gnome-keyring-configuration
|
||||||
|
gnome-keyring-configuration?
|
||||||
|
gnome-keyring-service-type
|
||||||
|
|
||||||
%desktop-services))
|
%desktop-services))
|
||||||
|
|
||||||
;;; Commentary:
|
;;; Commentary:
|
||||||
|
@ -1066,6 +1070,55 @@ (define inputattach-service-type
|
||||||
(description "Return a service that runs inputattach on a device and
|
(description "Return a service that runs inputattach on a device and
|
||||||
dispatches events from it.")))
|
dispatches events from it.")))
|
||||||
|
|
||||||
|
|
||||||
|
;;;
|
||||||
|
;;; gnome-keyring-service-type
|
||||||
|
;;;
|
||||||
|
|
||||||
|
(define-record-type* <gnome-keyring-configuration> gnome-keyring-configuration
|
||||||
|
make-gnome-keyring-configuration
|
||||||
|
gnome-keyring-configuration?
|
||||||
|
(keyring gnome-keyring-package (default gnome-keyring))
|
||||||
|
(pam-services gnome-keyring-pam-services (default '(("gdm-password" . login)
|
||||||
|
("passwd" . passwd)))))
|
||||||
|
|
||||||
|
(define (pam-gnome-keyring config)
|
||||||
|
(define (%pam-keyring-entry . arguments)
|
||||||
|
(pam-entry
|
||||||
|
(control "optional")
|
||||||
|
(module (file-append (gnome-keyring-package config)
|
||||||
|
"/lib/security/pam_gnome_keyring.so"))
|
||||||
|
(arguments arguments)))
|
||||||
|
|
||||||
|
(list
|
||||||
|
(lambda (service)
|
||||||
|
(case (assoc-ref (gnome-keyring-pam-services config)
|
||||||
|
(pam-service-name service))
|
||||||
|
((login)
|
||||||
|
(pam-service
|
||||||
|
(inherit service)
|
||||||
|
(auth (append (pam-service-auth service)
|
||||||
|
(list (%pam-keyring-entry))))
|
||||||
|
(session (append (pam-service-session service)
|
||||||
|
(list (%pam-keyring-entry "auto_start"))))))
|
||||||
|
((passwd)
|
||||||
|
(pam-service
|
||||||
|
(inherit service)
|
||||||
|
(password (append (pam-service-password service)
|
||||||
|
(list (%pam-keyring-entry))))))
|
||||||
|
(else service)))))
|
||||||
|
|
||||||
|
(define gnome-keyring-service-type
|
||||||
|
(service-type
|
||||||
|
(name 'gnome-keyring)
|
||||||
|
(extensions (list
|
||||||
|
(service-extension pam-root-service-type pam-gnome-keyring)))
|
||||||
|
(default-value (gnome-keyring-configuration))
|
||||||
|
(description "Return a service, that adds the @code{gnome-keyring} package
|
||||||
|
to the system profile and extends PAM with entries using
|
||||||
|
@code{pam_gnome_keyring.so}, unlocking a user's login keyring when they log in
|
||||||
|
or setting its password with passwd.")))
|
||||||
|
|
||||||
|
|
||||||
;;;
|
;;;
|
||||||
;;; polkit-wheel-service -- Allow wheel group to perform admin actions
|
;;; polkit-wheel-service -- Allow wheel group to perform admin actions
|
||||||
|
|
Loading…
Reference in a new issue