diff options
-rw-r--r-- | doc/guix.texi | 81 | ||||
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/services/lightdm.scm | 272 |
3 files changed, 354 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index c2eff582f8..69ece3ed2f 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -14664,6 +14664,87 @@ auto-login session. @end table @end deftp +@defvr {Scheme Variable} lightdm-service-type +Service type for the LightDM graphical login manager. +It uses the @code{lightdm-gtk-greeter} as default greeter. +See @code{lightdm-configuration} below for configuration of both lightdm +and lightdm-gtk-greeter or even using a different greeter. +@end defvr + +@deftp {Data Type} lightdm-configuration +Data type representing the lightDM service configuration. + +@table @asis +@item @code{session-directory} (default:"/run/current-system/profile/share/xsessions:/run/current-system/profile/share/wayland-sessions") +Directories where LightDM will search for sessions' @code{.desktop} files. + +@item @code{allow-empty-passwords?} (default: @code{#f}) +Whether to allow logins with empty passwords. + +@item @code{greeter-name} (default: "lightdm-gtk-greeter") +The name of the default greeter to be used by LightDM. + +@item @code{greeter-package} (default: @code{lightdm-gtk-greeter}) +The package containing the greeter described by @code{greeter-name} +and that will be included in the system's profile. + +@item @code{greeter-assets} (default: @code{(list adwaita-icon-theme gnome-themes-standard)}) +A list of packages needed by the greeter: icons, themes, fonts etc. + +@item @code{greeter-configuration-file} (default: (lightdm-gtk-greeter-configuration-file (lightdm-gtk-greeter-configuration))) +The file that will be place in @code{/etc/xdg/lightdm/} directory. +A @code{computed-file} is expected. + +@item @code{xorg-configuration} (default: @code{(xorg-configuration)}) +Configuration of the Xorg graphical server. + +@item @code{session-wrapper} (default: @code{(xinitrc)}) +The command to run for a session. It is run as the user and needs +to exec the command passed in the arguments to complete running the session. + +@item @code{default-session-name} (default: @code{#f}) +The name of the default @code{.desktop} file describing as session. +If @code {autologin-user} and @code{autologin-timeout} are defined, +LightDM logs in directly using the session described by @code{default-session-name}. + +@item @code{autologin-user} (default: @code{#f}) +If @code {default-session-name} and @code{autologin-timeout} are defined, +LightDM logs in directly as @code{autologin-user}. + +@item @code{autologin-timeout} (default: @code{#f}) +If @code {default-session-name} and @code{autologin-user} are defined, +LightDM logs in automatically after @code{autologin-timeout} seconds. +Any user activity during that time will cancel autologin +and allow usual login through authentification. + +@item @code{lightdm} (default: @code{lightdm}) +The LightDM package to use. + +@end table +@end deftp + +@deftp {Data Type} lightdm-gtk-greeter-configuration +This data type represents the configuration for ligtdm-gtk-greeter. + +@table @asis +@item @code{theme-name} (default: "Adwaita") +The name of the GTK+ theme to be used. + +@item @code{icon-theme-name} (default: "Adwaita") +The name of the icon theme to be used for displaying icons. + +@item @code{cursor-theme-name} (default: "Adwaita") +The name of the theme to be used for the cursor. + +@item @code{cursor-size} (default: @code{16}) +The size of the cursor. + +@item @code{background} (default: "") +Path to the background image to be used. + +@end table +@end deftp + @cindex Xorg, configuration @deftp {Data Type} xorg-configuration This data type represents the configuration of the Xorg graphical display diff --git a/gnu/local.mk b/gnu/local.mk index 93a1b680d1..50b0de7e69 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -561,6 +561,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/getmail.scm \ %D%/services/guix.scm \ %D%/services/kerberos.scm \ + %D%/services/lightdm.scm \ %D%/services/lirc.scm \ %D%/services/virtualization.scm \ %D%/services/mail.scm \ diff --git a/gnu/services/lightdm.scm b/gnu/services/lightdm.scm new file mode 100644 index 0000000000..d0d6c20c2f --- /dev/null +++ b/gnu/services/lightdm.scm @@ -0,0 +1,272 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2019 L p R n d n <guix@lprndn.info> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + + +(define-module (gnu services lightdm) + #:use-module (guix gexp) + #:use-module (guix records) + + #:use-module (gnu system pam) + #:use-module (gnu system shadow) + + #:use-module (gnu services) + #:use-module (gnu services dbus) + #:use-module (gnu services desktop) + #:use-module (gnu services shepherd) + #:use-module (gnu services xorg) + + #:use-module (gnu packages admin) + #:use-module (gnu packages display-managers) + #:use-module (gnu packages freedesktop) + #:use-module (gnu packages gnome) + #:use-module (gnu packages xorg) + + #:export (lightdm-configuration + lightdm-configuration? + lightdm-service-type + lightdm-gtk-greeter-configuration + lightdm-gtk-greeter-configuration-file)) + + +(define-record-type* <lightdm-gtk-greeter-configuration> + lightdm-gtk-greeter-configuration make-lightdm-gtk-greeter-configuration + lightdm-gtk-greeter-configuration? + (theme-name lightdm-gtk-greeter-configuration-theme-name + (default "Adwaita")) + (icon-theme-name + lightdm-gtk-greeter-configuration-icon-theme-name + (default "Adwaita")) + (cursor-theme-name + lightdm-gtk-greeter-configuration-cursor-theme-name + (default "Adwaita")) + (cursor-size lightdm-gtk-greeter-configuration-cursor-size + (default 16)) + (background lightdm-gtk-greeter-configuration-background + (default ""))) + +(define (lightdm-gtk-greeter-configuration-file config) + (mixed-text-file "lightdm-gtk-greeter.conf" " +[greeter] +theme-name = " (lightdm-gtk-greeter-configuration-theme-name config) " +icon-theme-name = " (lightdm-gtk-greeter-configuration-icon-theme-name config) " +cursor-theme-name = " (lightdm-gtk-greeter-configuration-cursor-theme-name config) " +cursor-theme-size = " (number->string + (lightdm-gtk-greeter-configuration-cursor-size config)) " +background = " (lightdm-gtk-greeter-configuration-background config))) + +(define-record-type* <lightdm-configuration> + lightdm-configuration make-lightdm-configuration + lightdm-configuration? + + (lightdm lightdm-configuration-lightdm + (default lightdm)) + (sessions-directory lightdm-configuration-sessions-directory + (default (string-append + "/run/current-system/profile/share/xsessions" + ":/run/current-system/profile/share/wayland-sessions"))) + (allow-empty-passwords? lightdm-configuration-allow-empty-passwords? + (default #f)) + ;; [Seat] + (xorg-configuration lightdm-configuration-xorg + (default (xorg-configuration))) + (session-wrapper lightdm-configuration-session-wrapper + (default (xinitrc))) + (default-session-name lightdm-configuration-default-session + (default "")) + + ;; [Autologin] + (autologin-user lightdm-configuration-autologin-user + (default #f)) + (autologin-timeout lightdm-configuration-autologin-timeout + (default #f)) + ;; [Greeter] + (greeter-name lightdm-configuration-greeter-name + (default "lightdm-gtk-greeter")) + (greeter-package lightdm-configuration-greeter-package + (default lightdm-gtk-greeter)) + (greeter-assets lightdm-configuration-greeter-assets + (default (list adwaita-icon-theme + gnome-themes-standard))) + (greeter-configuration-file lightdm-configuration-greeter-configuration + (default (lightdm-gtk-greeter-configuration-file + (lightdm-gtk-greeter-configuration))))) + +(define %lightdm-accounts + (list (user-group (name "lightdm") (system? #t)) + (user-account + (name "lightdm") + (group "lightdm") + (system? #t) + (comment "LighDM user") + (home-directory "/var/lib/lightdm") + (shell (file-append shadow "/sbin/nologin"))))) + + +(define (lightdm-configuration-file config) + (mixed-text-file "lightdm.conf" " +[LightDM] +greeter-user = lightdm +greeters-directory = /run/current-system/profile/share/xgreeters +sessions-directory = " (lightdm-configuration-sessions-directory config) " + + +[Seat:*] +xserver-command = " (xorg-start-command (lightdm-configuration-xorg config)) " +greeter-session = " (lightdm-configuration-greeter-name config) " +user-session = " (lightdm-configuration-default-session config) +(if (lightdm-configuration-autologin-user config) (string-append " +autologin-user = " (lightdm-configuration-autologin-user config)) "") +(if (string-null? (lightdm-configuration-default-session config)) "" + (string-append " +autologin-session = " (lightdm-configuration-default-session config))) +(if (lightdm-configuration-autologin-timeout config) (string-append " +autologin-user-timeout = " (lightdm-configuration-autologin-timeout config)) "") " +session-wrapper = " (lightdm-configuration-session-wrapper config))) + + +(define (lightdm-pam-service config) + "Return a PAM service for @command{lightdm}." + (unix-pam-service + "lightdm" + #:allow-empty-passwords? + (lightdm-configuration-allow-empty-passwords? config))) + + +(define (lightdm-greeter-pam-service) + "Return a PAM service for @command{lightdm-greeter}}." + (pam-service + (name "lightdm-greeter") + (auth + (list + ;; Load environment from /etc/environment and ~/.pam_environment + (pam-entry (control "required") (module "pam_env.so")) + ;; Always let the greeter start without authentication + (pam-entry (control "required") (module "pam_permit.so")))) + ;; No action required for account management + (account + (list + (pam-entry (control "required") (module "pam_permit.so")))) + ;; Can't change password + (password + (list + (pam-entry (control "required") (module "pam_deny.so")))) + ;; Setup session + (session + (list + (pam-entry (control "required") (module "pam_unix.so")) + (pam-entry (control "required") (module "pam_env.so")))))) + + +(define (lightdm-autologin-pam-service) + "Return a PAM service for @command{lightdm-autologin}}." + (pam-service + (name "lightdm-autologin") + (auth + (list + ;; Block login if they are globally disabled + (pam-entry (control "required") (module "pam_nologin.so")) + ;; Load environment from /etc/environment and ~/.pam_environment + (pam-entry (control "required") (module "pam_env.so")) + ;; Allow access without authentication + (pam-entry (control "required") (module "pam_permit.so")))) + ;; Stop autologin if account requires action + (account + (list + (pam-entry (control "required") (module "pam_unix.so")))) + ;; Can't change password + (password + (list + (pam-entry (control "required") (module "pam_deny.so")))) + ;; Setup session + (session + (list + (pam-entry (control "required") (module "pam_unix.so")))))) + + +(define (lightdm-shepherd-service config) + "Return a <lightdm-service> for LightDM with CONFIG." + + (define lightdm-command + #~(list (string-append #$(lightdm-configuration-lightdm config) "/sbin/lightdm"))) + + (list (shepherd-service + (documentation "LightDM display manager.") + (requirement '(dbus-system user-processes host-name)) + (provision '(display-manager)) + (respawn? #f) + (start #~(lambda () + (fork+exec-command + (list #$(file-append + (lightdm-configuration-lightdm config) + "/sbin/lightdm")) + #:environment-variables + (list + (string-append + "PATH=/run/current-system/profile/sbin" + ":/run/current-system/profile/bin"))))) + (stop #~(make-kill-destructor))))) + +(define (lightdm-etc-service config) + (list `("xdg/lightdm/lightdm.conf.d/lightdm.conf" + ,(lightdm-configuration-file config)) + `(,(string-append "xdg/lightdm/" + (computed-file-name + (lightdm-configuration-greeter-configuration config))) + ,(lightdm-configuration-greeter-configuration config)))) + +(define (lightdm-pam-services config) + (list (lightdm-pam-service config) + (lightdm-greeter-pam-service) + (lightdm-autologin-pam-service))) + +(define (lightdm-profile-service config) + (append (list lightdm + (lightdm-configuration-greeter-package config)) + (lightdm-configuration-greeter-assets config))) + +(define (lightdm-activation-service config) + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + (define %user + (getpw "lightdm")) + (let ((directory "/var/lib/lightdm-data")) + (mkdir-p directory) + (chown directory (passwd:uid %user) (passwd:gid %user)))))) + +(define lightdm-service-type + (service-type (name 'lightdm) + (extensions + (list + (service-extension shepherd-root-service-type + lightdm-shepherd-service) + (service-extension activation-service-type + lightdm-activation-service) + (service-extension pam-root-service-type + lightdm-pam-services) + (service-extension etc-service-type + lightdm-etc-service) + (service-extension dbus-root-service-type + (compose list lightdm-configuration-lightdm)) + (service-extension account-service-type + (const %lightdm-accounts)) + (service-extension profile-service-type + lightdm-profile-service))) + (default-value (lightdm-configuration)) + (description "Return a service that spawns the LightDM graphical login + manager."))) |