nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gnu: Add polkit service. 

* gnu/services/desktop.scm (polkit-service): New function.
  (%desktop-services): Add polkit service.
This commit is contained in:
Andy Wingo 2015-08-18 11:57:15 +02:00
parent 3f130e42e0
commit 0071c7894e
1 changed files with 46 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
gnu/services/desktop.scm
View File

@ -24,12 +24,14 @@
#:use-module (gnu services xorg) #:use-module (gnu services xorg)
#:use-module (gnu services networking) #:use-module (gnu services networking)
#:use-module (gnu system shadow) #:use-module (gnu system shadow)
#:use-module (gnu system linux) ; unix-pam-service
#:use-module (gnu packages glib) #:use-module (gnu packages glib)
#:use-module (gnu packages admin) #:use-module (gnu packages admin)
#:use-module (gnu packages freedesktop) #:use-module (gnu packages freedesktop)
#:use-module (gnu packages gnome) #:use-module (gnu packages gnome)
#:use-module (gnu packages avahi) #:use-module (gnu packages avahi)
#:use-module (gnu packages wicd) #:use-module (gnu packages wicd)
#:use-module (gnu packages polkit)
#:use-module (guix monads) #:use-module (guix monads)
#:use-module (guix records) #:use-module (guix records)
#:use-module (guix store) #:use-module (guix store)
@ -41,6 +43,7 @@
geoclue-application geoclue-application
%standard-geoclue-applications %standard-geoclue-applications
geoclue-service geoclue-service
polkit-service
elogind-configuration elogind-configuration
elogind-service elogind-service
%desktop-services)) %desktop-services))
@ -376,6 +379,42 @@ site} for more information."
(shell (shell
"/run/current-system/profile/sbin/nologin")))))))) "/run/current-system/profile/sbin/nologin"))))))))
;;;
;;; Polkit privilege management service.
;;;
(define* (polkit-service #:key (polkit polkit))
"Return a service that runs the @command{polkit} privilege management
service. By querying the @command{polkit} service, a privileged system
component can know when it should grant additional capabilities to ordinary
users. For example, an ordinary user can be granted the capability to suspend
the system if the user is logged in locally."
(with-monad %store-monad
(return
(service
(documentation "Run the polkit privilege management service.")
(provision '(polkit-daemon))
(requirement '(dbus-system))
(start #~(make-forkexec-constructor
(list (string-append #$polkit "/lib/polkit-1/polkitd"))))
(stop #~(make-kill-destructor))
(user-groups (list (user-group
(name "polkitd")
(system? #t))))
(user-accounts (list (user-account
(name "polkitd")
(group "polkitd")
(system? #t)
(comment "Polkit daemon user")
(home-directory "/var/empty")
(shell
"/run/current-system/profile/sbin/nologin"))))
(pam-services (list (unix-pam-service "polkit-1")))))))
;;; ;;;
;;; Elogind login and seat management service. ;;; Elogind login and seat management service.
@ -540,14 +579,16 @@ when they log out."
(avahi-service) (avahi-service)
(wicd-service) (wicd-service)
(upower-service) (upower-service)
;; FIXME: The colord and geoclue services could all be bus-activated ;; FIXME: The colord, geoclue, and polkit services could all be
;; by default, so they don't run at program startup. However, user ;; bus-activated by default, so they don't run at program startup.
;; creation and /var/lib.colord creation happen at service activation ;; However, user creation and /var/lib/colord creation happen at
;; time, so we currently add them to the set of default services. ;; service activation time, so we currently add them to the set of
;; default services.
(colord-service) (colord-service)
(geoclue-service) (geoclue-service)
(polkit-service)
(elogind-service) (elogind-service)
(dbus-service (list avahi wicd upower colord geoclue elogind)) (dbus-service (list avahi wicd upower colord geoclue polkit elogind))
(ntp-service) (ntp-service)