aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/guix.texi81
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/services/lightdm.scm272
3 files changed, 354 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index c2eff582f8..69ece3ed2f 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -14664,6 +14664,87 @@ auto-login session.
@end table
@end deftp
+@defvr {Scheme Variable} lightdm-service-type
+Service type for the LightDM graphical login manager.
+It uses the @code{lightdm-gtk-greeter} as default greeter.
+See @code{lightdm-configuration} below for configuration of both lightdm
+and lightdm-gtk-greeter or even using a different greeter.
+@end defvr
+
+@deftp {Data Type} lightdm-configuration
+Data type representing the lightDM service configuration.
+
+@table @asis
+@item @code{session-directory} (default:"/run/current-system/profile/share/xsessions:/run/current-system/profile/share/wayland-sessions")
+Directories where LightDM will search for sessions' @code{.desktop} files.
+
+@item @code{allow-empty-passwords?} (default: @code{#f})
+Whether to allow logins with empty passwords.
+
+@item @code{greeter-name} (default: "lightdm-gtk-greeter")
+The name of the default greeter to be used by LightDM.
+
+@item @code{greeter-package} (default: @code{lightdm-gtk-greeter})
+The package containing the greeter described by @code{greeter-name}
+and that will be included in the system's profile.
+
+@item @code{greeter-assets} (default: @code{(list adwaita-icon-theme gnome-themes-standard)})
+A list of packages needed by the greeter: icons, themes, fonts etc.
+
+@item @code{greeter-configuration-file} (default: (lightdm-gtk-greeter-configuration-file (lightdm-gtk-greeter-configuration)))
+The file that will be place in @code{/etc/xdg/lightdm/} directory.
+A @code{computed-file} is expected.
+
+@item @code{xorg-configuration} (default: @code{(xorg-configuration)})
+Configuration of the Xorg graphical server.
+
+@item @code{session-wrapper} (default: @code{(xinitrc)})
+The command to run for a session. It is run as the user and needs
+to exec the command passed in the arguments to complete running the session.
+
+@item @code{default-session-name} (default: @code{#f})
+The name of the default @code{.desktop} file describing as session.
+If @code {autologin-user} and @code{autologin-timeout} are defined,
+LightDM logs in directly using the session described by @code{default-session-name}.
+
+@item @code{autologin-user} (default: @code{#f})
+If @code {default-session-name} and @code{autologin-timeout} are defined,
+LightDM logs in directly as @code{autologin-user}.
+
+@item @code{autologin-timeout} (default: @code{#f})
+If @code {default-session-name} and @code{autologin-user} are defined,
+LightDM logs in automatically after @code{autologin-timeout} seconds.
+Any user activity during that time will cancel autologin
+and allow usual login through authentification.
+
+@item @code{lightdm} (default: @code{lightdm})
+The LightDM package to use.
+
+@end table
+@end deftp
+
+@deftp {Data Type} lightdm-gtk-greeter-configuration
+This data type represents the configuration for ligtdm-gtk-greeter.
+
+@table @asis
+@item @code{theme-name} (default: "Adwaita")
+The name of the GTK+ theme to be used.
+
+@item @code{icon-theme-name} (default: "Adwaita")
+The name of the icon theme to be used for displaying icons.
+
+@item @code{cursor-theme-name} (default: "Adwaita")
+The name of the theme to be used for the cursor.
+
+@item @code{cursor-size} (default: @code{16})
+The size of the cursor.
+
+@item @code{background} (default: "")
+Path to the background image to be used.
+
+@end table
+@end deftp
+
@cindex Xorg, configuration
@deftp {Data Type} xorg-configuration
This data type represents the configuration of the Xorg graphical display
diff --git a/gnu/local.mk b/gnu/local.mk
index 93a1b680d1..50b0de7e69 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -561,6 +561,7 @@ GNU_SYSTEM_MODULES = \
%D%/services/getmail.scm \
%D%/services/guix.scm \
%D%/services/kerberos.scm \
+ %D%/services/lightdm.scm \
%D%/services/lirc.scm \
%D%/services/virtualization.scm \
%D%/services/mail.scm \
diff --git a/gnu/services/lightdm.scm b/gnu/services/lightdm.scm
new file mode 100644
index 0000000000..d0d6c20c2f
--- /dev/null
+++ b/gnu/services/lightdm.scm
@@ -0,0 +1,272 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2019 L p R n d n <guix@lprndn.info>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+
+(define-module (gnu services lightdm)
+ #:use-module (guix gexp)
+ #:use-module (guix records)
+
+ #:use-module (gnu system pam)
+ #:use-module (gnu system shadow)
+
+ #:use-module (gnu services)
+ #:use-module (gnu services dbus)
+ #:use-module (gnu services desktop)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu services xorg)
+
+ #:use-module (gnu packages admin)
+ #:use-module (gnu packages display-managers)
+ #:use-module (gnu packages freedesktop)
+ #:use-module (gnu packages gnome)
+ #:use-module (gnu packages xorg)
+
+ #:export (lightdm-configuration
+ lightdm-configuration?
+ lightdm-service-type
+ lightdm-gtk-greeter-configuration
+ lightdm-gtk-greeter-configuration-file))
+
+
+(define-record-type* <lightdm-gtk-greeter-configuration>
+ lightdm-gtk-greeter-configuration make-lightdm-gtk-greeter-configuration
+ lightdm-gtk-greeter-configuration?
+ (theme-name lightdm-gtk-greeter-configuration-theme-name
+ (default "Adwaita"))
+ (icon-theme-name
+ lightdm-gtk-greeter-configuration-icon-theme-name
+ (default "Adwaita"))
+ (cursor-theme-name
+ lightdm-gtk-greeter-configuration-cursor-theme-name
+ (default "Adwaita"))
+ (cursor-size lightdm-gtk-greeter-configuration-cursor-size
+ (default 16))
+ (background lightdm-gtk-greeter-configuration-background
+ (default "")))
+
+(define (lightdm-gtk-greeter-configuration-file config)
+ (mixed-text-file "lightdm-gtk-greeter.conf" "
+[greeter]
+theme-name = " (lightdm-gtk-greeter-configuration-theme-name config) "
+icon-theme-name = " (lightdm-gtk-greeter-configuration-icon-theme-name config) "
+cursor-theme-name = " (lightdm-gtk-greeter-configuration-cursor-theme-name config) "
+cursor-theme-size = " (number->string
+ (lightdm-gtk-greeter-configuration-cursor-size config)) "
+background = " (lightdm-gtk-greeter-configuration-background config)))
+
+(define-record-type* <lightdm-configuration>
+ lightdm-configuration make-lightdm-configuration
+ lightdm-configuration?
+
+ (lightdm lightdm-configuration-lightdm
+ (default lightdm))
+ (sessions-directory lightdm-configuration-sessions-directory
+ (default (string-append
+ "/run/current-system/profile/share/xsessions"
+ ":/run/current-system/profile/share/wayland-sessions")))
+ (allow-empty-passwords? lightdm-configuration-allow-empty-passwords?
+ (default #f))
+ ;; [Seat]
+ (xorg-configuration lightdm-configuration-xorg
+ (default (xorg-configuration)))
+ (session-wrapper lightdm-configuration-session-wrapper
+ (default (xinitrc)))
+ (default-session-name lightdm-configuration-default-session
+ (default ""))
+
+ ;; [Autologin]
+ (autologin-user lightdm-configuration-autologin-user
+ (default #f))
+ (autologin-timeout lightdm-configuration-autologin-timeout
+ (default #f))
+ ;; [Greeter]
+ (greeter-name lightdm-configuration-greeter-name
+ (default "lightdm-gtk-greeter"))
+ (greeter-package lightdm-configuration-greeter-package
+ (default lightdm-gtk-greeter))
+ (greeter-assets lightdm-configuration-greeter-assets
+ (default (list adwaita-icon-theme
+ gnome-themes-standard)))
+ (greeter-configuration-file lightdm-configuration-greeter-configuration
+ (default (lightdm-gtk-greeter-configuration-file
+ (lightdm-gtk-greeter-configuration)))))
+
+(define %lightdm-accounts
+ (list (user-group (name "lightdm") (system? #t))
+ (user-account
+ (name "lightdm")
+ (group "lightdm")
+ (system? #t)
+ (comment "LighDM user")
+ (home-directory "/var/lib/lightdm")
+ (shell (file-append shadow "/sbin/nologin")))))
+
+
+(define (lightdm-configuration-file config)
+ (mixed-text-file "lightdm.conf" "
+[LightDM]
+greeter-user = lightdm
+greeters-directory = /run/current-system/profile/share/xgreeters
+sessions-directory = " (lightdm-configuration-sessions-directory config) "
+
+
+[Seat:*]
+xserver-command = " (xorg-start-command (lightdm-configuration-xorg config)) "
+greeter-session = " (lightdm-configuration-greeter-name config) "
+user-session = " (lightdm-configuration-default-session config)
+(if (lightdm-configuration-autologin-user config) (string-append "
+autologin-user = " (lightdm-configuration-autologin-user config)) "")
+(if (string-null? (lightdm-configuration-default-session config)) ""
+ (string-append "
+autologin-session = " (lightdm-configuration-default-session config)))
+(if (lightdm-configuration-autologin-timeout config) (string-append "
+autologin-user-timeout = " (lightdm-configuration-autologin-timeout config)) "") "
+session-wrapper = " (lightdm-configuration-session-wrapper config)))
+
+
+(define (lightdm-pam-service config)
+ "Return a PAM service for @command{lightdm}."
+ (unix-pam-service
+ "lightdm"
+ #:allow-empty-passwords?
+ (lightdm-configuration-allow-empty-passwords? config)))
+
+
+(define (lightdm-greeter-pam-service)
+ "Return a PAM service for @command{lightdm-greeter}}."
+ (pam-service
+ (name "lightdm-greeter")
+ (auth
+ (list
+ ;; Load environment from /etc/environment and ~/.pam_environment
+ (pam-entry (control "required") (module "pam_env.so"))
+ ;; Always let the greeter start without authentication
+ (pam-entry (control "required") (module "pam_permit.so"))))
+ ;; No action required for account management
+ (account
+ (list
+ (pam-entry (control "required") (module "pam_permit.so"))))
+ ;; Can't change password
+ (password
+ (list
+ (pam-entry (control "required") (module "pam_deny.so"))))
+ ;; Setup session
+ (session
+ (list
+ (pam-entry (control "required") (module "pam_unix.so"))
+ (pam-entry (control "required") (module "pam_env.so"))))))
+
+
+(define (lightdm-autologin-pam-service)
+ "Return a PAM service for @command{lightdm-autologin}}."
+ (pam-service
+ (name "lightdm-autologin")
+ (auth
+ (list
+ ;; Block login if they are globally disabled
+ (pam-entry (control "required") (module "pam_nologin.so"))
+ ;; Load environment from /etc/environment and ~/.pam_environment
+ (pam-entry (control "required") (module "pam_env.so"))
+ ;; Allow access without authentication
+ (pam-entry (control "required") (module "pam_permit.so"))))
+ ;; Stop autologin if account requires action
+ (account
+ (list
+ (pam-entry (control "required") (module "pam_unix.so"))))
+ ;; Can't change password
+ (password
+ (list
+ (pam-entry (control "required") (module "pam_deny.so"))))
+ ;; Setup session
+ (session
+ (list
+ (pam-entry (control "required") (module "pam_unix.so"))))))
+
+
+(define (lightdm-shepherd-service config)
+ "Return a <lightdm-service> for LightDM with CONFIG."
+
+ (define lightdm-command
+ #~(list (string-append #$(lightdm-configuration-lightdm config) "/sbin/lightdm")))
+
+ (list (shepherd-service
+ (documentation "LightDM display manager.")
+ (requirement '(dbus-system user-processes host-name))
+ (provision '(display-manager))
+ (respawn? #f)
+ (start #~(lambda ()
+ (fork+exec-command
+ (list #$(file-append
+ (lightdm-configuration-lightdm config)
+ "/sbin/lightdm"))
+ #:environment-variables
+ (list
+ (string-append
+ "PATH=/run/current-system/profile/sbin"
+ ":/run/current-system/profile/bin")))))
+ (stop #~(make-kill-destructor)))))
+
+(define (lightdm-etc-service config)
+ (list `("xdg/lightdm/lightdm.conf.d/lightdm.conf"
+ ,(lightdm-configuration-file config))
+ `(,(string-append "xdg/lightdm/"
+ (computed-file-name
+ (lightdm-configuration-greeter-configuration config)))
+ ,(lightdm-configuration-greeter-configuration config))))
+
+(define (lightdm-pam-services config)
+ (list (lightdm-pam-service config)
+ (lightdm-greeter-pam-service)
+ (lightdm-autologin-pam-service)))
+
+(define (lightdm-profile-service config)
+ (append (list lightdm
+ (lightdm-configuration-greeter-package config))
+ (lightdm-configuration-greeter-assets config)))
+
+(define (lightdm-activation-service config)
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils))
+ (define %user
+ (getpw "lightdm"))
+ (let ((directory "/var/lib/lightdm-data"))
+ (mkdir-p directory)
+ (chown directory (passwd:uid %user) (passwd:gid %user))))))
+
+(define lightdm-service-type
+ (service-type (name 'lightdm)
+ (extensions
+ (list
+ (service-extension shepherd-root-service-type
+ lightdm-shepherd-service)
+ (service-extension activation-service-type
+ lightdm-activation-service)
+ (service-extension pam-root-service-type
+ lightdm-pam-services)
+ (service-extension etc-service-type
+ lightdm-etc-service)
+ (service-extension dbus-root-service-type
+ (compose list lightdm-configuration-lightdm))
+ (service-extension account-service-type
+ (const %lightdm-accounts))
+ (service-extension profile-service-type
+ lightdm-profile-service)))
+ (default-value (lightdm-configuration))
+ (description "Return a service that spawns the LightDM graphical login
+ manager.")))