diff options
author | Ludovic Courtès <ludo@gnu.org> | 2015-04-17 13:53:05 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2015-04-17 13:53:16 +0200 |
commit | 5e25ebe2fa70297d094fe891b81c4970e45a906a (patch) | |
tree | 3598bab37caa2b93eb4cbc40f94b74f5f2f4f7ec | |
parent | 8e974b9b98d15b41073b9061d40949517bbf35be (diff) | |
download | patches-5e25ebe2fa70297d094fe891b81c4970e45a906a.tar patches-5e25ebe2fa70297d094fe891b81c4970e45a906a.tar.gz |
services: Explicitly refer to Shadow when requiring the 'nologin' shell.
* gnu/services/avahi.scm (avahi-service): Change 'shell' to a gexp
referring to "nologin" in the SHADOW package.
* gnu/services/dbus.scm (dbus-service): Likewise.
* gnu/services/networking.scm (ntp-service, tor-service): Likewise.
-rw-r--r-- | gnu/services/avahi.scm | 3 | ||||
-rw-r--r-- | gnu/services/dbus.scm | 3 | ||||
-rw-r--r-- | gnu/services/networking.scm | 4 |
3 files changed, 6 insertions, 4 deletions
diff --git a/gnu/services/avahi.scm b/gnu/services/avahi.scm index 89478cb997..0a56f3d7f6 100644 --- a/gnu/services/avahi.scm +++ b/gnu/services/avahi.scm @@ -20,6 +20,7 @@ #:use-module (gnu services) #:use-module (gnu system shadow) #:use-module (gnu packages avahi) + #:use-module (gnu packages admin) #:use-module (guix monads) #:use-module (guix store) #:use-module (guix gexp) @@ -106,6 +107,6 @@ sockets." (comment "Avahi daemon user") (home-directory "/var/empty") (shell - "/run/current-system/profile/sbin/nologin")))))))) + #~(string-append #$shadow "/sbin/nologin"))))))))) ;;; avahi.scm ends here diff --git a/gnu/services/dbus.scm b/gnu/services/dbus.scm index 671dafa194..8f3b350951 100644 --- a/gnu/services/dbus.scm +++ b/gnu/services/dbus.scm @@ -20,6 +20,7 @@ #:use-module (gnu services) #:use-module (gnu system shadow) #:use-module (gnu packages glib) + #:use-module (gnu packages admin) #:use-module (guix monads) #:use-module (guix store) #:use-module (guix gexp) @@ -99,7 +100,7 @@ and policy files. For example, to allow avahi-daemon to use the system bus, (comment "D-Bus system bus user") (home-directory "/var/run/dbus") (shell - "/run/current-system/profile/sbin/nologin")))) + #~(string-append #$shadow "/sbin/nologin"))))) (activate #~(begin (use-modules (guix build utils)) diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index af8dd43bd6..f9d262d977 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -227,7 +227,7 @@ restrict -6 ::1\n")) (comment "NTP daemon user") (home-directory "/var/empty") (shell - "/run/current-system/profile/sbin/nologin")))))))) + #~(string-append #$shadow "/sbin/nologin"))))))))) (define* (tor-service #:key (tor tor)) "Return a service to run the @uref{https://torproject.org,Tor} daemon. @@ -257,7 +257,7 @@ policy) as the @code{tor} unprivileged user." (comment "Tor daemon user") (home-directory "/var/empty") (shell - "/run/current-system/profile/sbin/nologin")))) + #~(string-append #$shadow "/sbin/nologin"))))) (documentation "Run the Tor anonymous network overlay."))))) |