aboutsummaryrefslogtreecommitdiff
path: root/gnu/services
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/cuirass.scm4
-rw-r--r--gnu/services/security-token.scm25
2 files changed, 19 insertions, 10 deletions
diff --git a/gnu/services/cuirass.scm b/gnu/services/cuirass.scm
index 9c62080629..496b2d06c8 100644
--- a/gnu/services/cuirass.scm
+++ b/gnu/services/cuirass.scm
@@ -61,7 +61,7 @@
(interval cuirass-configuration-interval ;integer (seconds)
(default 60))
(database cuirass-configuration-database ;string (file-name)
- (default "/var/run/cuirass/cuirass.db"))
+ (default "/var/lib/cuirass/cuirass.db"))
(port cuirass-configuration-port ;integer (port)
(default 8081))
(host cuirass-configuration-host ;string
@@ -131,7 +131,7 @@
(group cuirass-group)
(system? #t)
(comment "Cuirass privilege separation user")
- (home-directory (string-append "/var/run/" cuirass-user))
+ (home-directory (string-append "/var/lib/" cuirass-user))
(shell #~(string-append #$shadow "/sbin/nologin"))))))
(define (cuirass-activation config)
diff --git a/gnu/services/security-token.scm b/gnu/services/security-token.scm
index 7e7ea54a50..354549b33c 100644
--- a/gnu/services/security-token.scm
+++ b/gnu/services/security-token.scm
@@ -20,6 +20,7 @@
#:use-module (gnu services)
#:use-module (gnu services shepherd)
#:use-module (gnu packages admin)
+ #:use-module (gnu packages base)
#:use-module (gnu packages security-token)
#:use-module (gnu system shadow)
#:use-module (guix gexp)
@@ -62,14 +63,22 @@
(define pcscd-activation
(match-lambda
(($ <pcscd-configuration> pcsc-lite usb-drivers)
- #~(begin
- (use-modules (guix build utils))
- (mkdir-p "/var/lib")
- (symlink #$(directory-union
- "pcsc"
- (map (cut file-append <> "/pcsc")
- usb-drivers))
- "/var/lib/pcsc")))))
+ (with-imported-modules (source-module-closure
+ '((guix build utils)))
+ #~(begin
+ (use-modules (guix build utils))
+ ;; XXX: We can't use (guix utils) because it requires a
+ ;; dynamically-linked Guile, hence the duplicate switch-symlinks.
+ (define (switch-symlinks link target)
+ (let ((pivot (string-append link ".new")))
+ (symlink target pivot)
+ (rename-file pivot link)))
+ (mkdir-p "/var/lib")
+ (switch-symlinks "/var/lib/pcsc"
+ #$(directory-union
+ "pcsc"
+ (map (cut file-append <> "/pcsc")
+ usb-drivers))))))))
(define pcscd-service-type
(service-type