services: Add Shepherd 'configuration' action to various services.
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2017 Andy Wingo <wingo@igalia.com>
3 ;;; Copyright © 2013-2017, 2019-2020, 2022 Ludovic Courtès <ludo@gnu.org>
4 ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
5 ;;; Copyright © 2018, 2019 Timothy Sample <samplet@ngyro.com>
6 ;;; Copyright © 2019 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
7 ;;; Copyright © 2019 Tim Gesthuizen <tim.gesthuizen@yahoo.de>
8 ;;; Copyright © 2020 shtwzrd <shtwzrd@protonmail.com>
9 ;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
10 ;;; Copyright © 2020 Alex Griffin <a@ajgrf.com>
11 ;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
12 ;;; Copyright © 2021 Oleg Pykhalov <go.wigust@gmail.com>
13 ;;; Copyright © 2021 Josselin Poiret <josselin.poiret@protonmail.ch>
14 ;;; Copyright © 2022 Chris Marusich <cmmarusich@gmail.com>
15 ;;; Copyright © 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
16 ;;;
17 ;;; This file is part of GNU Guix.
18 ;;;
19 ;;; GNU Guix is free software; you can redistribute it and/or modify it
20 ;;; under the terms of the GNU General Public License as published by
21 ;;; the Free Software Foundation; either version 3 of the License, or (at
22 ;;; your option) any later version.
23 ;;;
24 ;;; GNU Guix is distributed in the hope that it will be useful, but
25 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
26 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 ;;; GNU General Public License for more details.
28 ;;;
29 ;;; You should have received a copy of the GNU General Public License
30 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
31
32 (define-module (gnu services xorg)
33 #:autoload (gnu services sddm) (sddm-service-type)
34 #:use-module (gnu artwork)
35 #:use-module (gnu services)
36 #:use-module (gnu services configuration)
37 #:use-module (gnu services shepherd)
38 #:use-module (gnu system pam)
39 #:use-module (gnu system setuid)
40 #:use-module (gnu system keyboard)
41 #:use-module (gnu services base)
42 #:use-module (gnu services dbus)
43 #:use-module (gnu packages base)
44 #:use-module (gnu packages guile)
45 #:use-module (gnu packages xorg)
46 #:use-module (gnu packages fonts)
47 #:use-module (gnu packages gl)
48 #:use-module (gnu packages glib)
49 #:use-module (gnu packages display-managers)
50 #:use-module (gnu packages freedesktop)
51 #:use-module (gnu packages gnustep)
52 #:use-module (gnu packages gnome)
53 #:use-module (gnu packages admin)
54 #:use-module (gnu packages bash)
55 #:use-module (gnu system shadow)
56 #:use-module (guix build-system glib-or-gtk)
57 #:use-module (guix build-system trivial)
58 #:use-module (guix gexp)
59 #:use-module (guix store)
60 #:use-module (guix packages)
61 #:use-module (guix derivations)
62 #:use-module (guix records)
63 #:use-module (guix deprecation)
64 #:use-module (guix utils)
65 #:use-module (srfi srfi-1)
66 #:use-module (srfi srfi-9)
67 #:use-module (srfi srfi-26)
68 #:use-module (ice-9 format)
69 #:use-module (ice-9 match)
70 #:export (xorg-configuration
71 xorg-configuration?
72 xorg-configuration-modules
73 xorg-configuration-fonts
74 xorg-configuration-drivers
75 xorg-configuration-resolutions
76 xorg-configuration-extra-config
77 xorg-configuration-server
78 xorg-configuration-server-arguments
79
80 %default-xorg-modules
81 %default-xorg-fonts
82 %default-xorg-server-arguments
83
84 xorg-wrapper
85 xorg-start-command
86 xinitrc
87 xorg-server-service-type
88
89 %default-slim-theme
90 %default-slim-theme-name
91
92 slim-configuration
93 slim-configuration?
94 slim-configuration-slim
95 slim-configuration-allow-empty-passwords?
96 slim-configuration-auto-login?
97 slim-configuration-default-user
98 slim-configuration-theme
99 slim-configuration-theme-name
100 slim-configuration-xauth
101 slim-configuration-shepherd
102 slim-configuration-auto-login-session
103 slim-configuration-xorg
104 slim-configuration-display
105 slim-configuration-vt
106 slim-configuration-sessreg
107
108 slim-service-type
109
110 screen-locker
111 screen-locker?
112 screen-locker-service-type
113 screen-locker-service
114
115 localed-configuration
116 localed-configuration?
117 localed-service-type
118
119 dconf-keyfile
120 dconf-profile
121 dconf-profile-name
122 dconf-profile-content
123 dconf-profile-keyfile
124 dconf-service-type
125
126 gdm-configuration
127 gdm-service-type
128
129 handle-xorg-configuration
130 set-xorg-configuration))
131
132 ;;; Commentary:
133 ;;;
134 ;;; Services that relate to the X Window System.
135 ;;;
136 ;;; Code:
137
(define %default-xorg-modules
  ;; Default list of modules loaded by the server.  When multiple drivers
  ;; match, the first one in the list is loaded, so the order of this list is
  ;; significant and must not be changed casually.
  (list xf86-video-vesa
        xf86-video-fbdev
        xf86-video-amdgpu
        xf86-video-ati
        xf86-video-cirrus
        xf86-video-intel
        xf86-video-mach64
        xf86-video-nouveau
        xf86-video-nv
        xf86-video-sis

        ;; Libinput is the new thing and is recommended over evdev/synaptics:
        ;; <http://who-t.blogspot.fr/2015/01/xf86-input-libinput-compatibility-with.html>.
        xf86-input-libinput

        xf86-input-evdev
        xf86-input-keyboard
        xf86-input-mouse))
159
(define %default-xorg-fonts
  ;; Font directories offered to the X server by default.  The four
  ;; 'font-alias' directories come first, in the same order as before,
  ;; followed by the xterm default fonts and the Adobe 75dpi set.
  (append (map (lambda (sub-directory)
                 (file-append font-alias sub-directory))
               '("/share/fonts/X11/75dpi"
                 "/share/fonts/X11/100dpi"
                 "/share/fonts/X11/misc"
                 "/share/fonts/X11/cyrillic"))
          (list (file-append font-misc-misc       ;default fonts for xterm
                             "/share/fonts/X11/misc")
                (file-append font-adobe75dpi "/share/fonts/X11/75dpi"))))
169
(define %default-xorg-server-arguments
  ;; Default command-line arguments for X.  "-nolisten tcp" keeps the server
  ;; from accepting X11 client connections over TCP.  This list is only the
  ;; default of the 'server-arguments' field: a configuration that supplies
  ;; its own list loses the flag unless it repeats it.
  '("-nolisten" "tcp"))
173
;; Configuration of an Xorg server.  The record is consumed by
;; 'xorg-configuration->file', 'xorg-wrapper' and 'xorg-start-command' below.
(define-record-type* <xorg-configuration>
  xorg-configuration make-xorg-configuration
  xorg-configuration?
  (modules          xorg-configuration-modules    ;list of file-like
                    (thunked)
                    ;; Filter out modules not supported on the current
                    ;; system.
                    (default (filter
                              (lambda (p)
                                (member (%current-system)
                                        (package-supported-systems p)))
                              %default-xorg-modules)))
  (fonts            xorg-configuration-fonts      ;list of packages
                    (default %default-xorg-fonts))
  (drivers          xorg-configuration-drivers    ;list of strings
                    (default '()))
  (resolutions      xorg-configuration-resolutions ;list of tuples
                    (default '()))
  (keyboard-layout  xorg-configuration-keyboard-layout ;#f | <keyboard-layout>
                    (default #f))
  ;; Each string is written verbatim at the end of the generated file.
  (extra-config     xorg-configuration-extra-config ;list of strings
                    (default '()))
  (server           xorg-configuration-server     ;file-like
                    (default xorg-server))
  ;; Spliced into the 'startx' command line by 'xorg-start-command'; the
  ;; default carries "-nolisten tcp".
  (server-arguments xorg-configuration-server-arguments ;list of strings
                    (default %default-xorg-server-arguments)))
200
(define (xorg-configuration->file config)
  "Compute an Xorg configuration file corresponding to CONFIG, an
<xorg-configuration> record."
  ;; The file is produced by a build-side script (a 'computed-file') that
  ;; writes, in order: the "Files" section (font and module paths), the
  ;; "ServerFlags" section, one "Device" and one "Screen" section per driver,
  ;; an optional "InputClass" section for the keyboard layout, and finally
  ;; the 'extra-config' strings.
  ;;
  ;; NOTE(review): only the keyboard layout name goes through
  ;; 'object->string'.  Driver names, keyboard variant, model and options,
  ;; and the 'extra-config' strings are inserted as-is, so a double quote or
  ;; newline in any of them changes the structure of the generated file.
  ;; These values come from the system configuration; treat them as trusted
  ;; input and do not feed them from less-trusted sources without validation.
  (let ((xorg-server (xorg-configuration-server config)))
    (define all-modules
      ;; 'xorg-server' provides 'fbdevhw.so' etc.
      (append (xorg-configuration-modules config)
              (list xorg-server)))

    (define build
      #~(begin
          (use-modules (ice-9 match)
                       (srfi srfi-1)
                       (srfi srfi-26))

          (call-with-output-file #$output
            (lambda (port)
              (define drivers
                '#$(xorg-configuration-drivers config))

              ;; Return the "Device" section for DRIVER, a string.
              (define (device-section driver)
                (string-append "
Section \"Device\"
Identifier \"device-" driver "\"
Driver \"" driver "\"
EndSection"))

              ;; Return the "Screen" section for DRIVER.  RESOLUTIONS is a
              ;; list of two-element lists (X Y); any other shape makes
              ;; 'match-lambda' fail at build time.
              (define (screen-section driver resolutions)
                (string-append "
Section \"Screen\"
Identifier \"screen-" driver "\"
Device \"device-" driver "\"
SubSection \"Display\"
Modes "
                               (string-join (map (match-lambda
                                                   ((x y)
                                                    (string-append "\"" (number->string x)
                                                                   "x" (number->string y) "\"")))
                                                 resolutions)) "
EndSubSection
EndSection"))

              ;; Return the keyboard "InputClass" section.  VARIANT and MODEL
              ;; may be #f, in which case their option is omitted; OPTIONS is
              ;; a possibly empty list of strings joined with commas.
              (define (input-class-section layout variant model options)
                (string-append "
Section \"InputClass\"
Identifier \"evdev keyboard catchall\"
MatchIsKeyboard \"on\"
Option \"XkbLayout\" " (object->string layout)
                               (if variant
                                   (string-append " Option \"XkbVariant\" \""
                                                  variant "\"")
                                   "")
                               (if model
                                   (string-append " Option \"XkbModel\" \""
                                                  model "\"")
                                   "")
                               (match options
                                 (()
                                  "")
                                 (_
                                  (string-append " Option \"XkbOptions\" \""
                                                 (string-join options ",") "\""))) "

MatchDevicePath \"/dev/input/event*\"
Driver \"evdev\"
EndSection\n"))

              (define (expand modules)
                ;; Append to MODULES the relevant /lib/xorg/modules
                ;; sub-directories.  Only sub-directories that exist at
                ;; build time are kept.
                (append-map (lambda (module)
                              (filter-map (lambda (directory)
                                            (let ((full (string-append module
                                                                       directory)))
                                              (and (file-exists? full)
                                                   full)))
                                          '("/lib/xorg/modules/drivers"
                                            "/lib/xorg/modules/input"
                                            "/lib/xorg/modules/multimedia"
                                            "/lib/xorg/modules/extensions")))
                            modules))

              (display "Section \"Files\"\n" port)
              (for-each (lambda (font)
                          (format port " FontPath \"~a\"~%" font))
                        '#$(xorg-configuration-fonts config))
              (for-each (lambda (module)
                          (format port
                                  " ModulePath \"~a\"~%"
                                  module))
                        (append (expand '#$all-modules)

                                ;; For fbdevhw.so and so on.
                                (list #$(file-append xorg-server
                                                     "/lib/xorg/modules"))))
              (display "EndSection\n" port)
              (display "
Section \"ServerFlags\"
Option \"AllowMouseOpenFail\" \"on\"
EndSection\n" port)

              (display (string-join (map device-section drivers) "\n")
                       port)
              (newline port)
              (display (string-join
                        (map (cut screen-section <>
                                  '#$(xorg-configuration-resolutions config))
                             drivers)
                        "\n")
                       port)
              (newline port)

              ;; Each binding is #f when CONFIG has no keyboard layout; the
              ;; section is emitted only when a layout name is present.
              (let ((layout  #$(and=> (xorg-configuration-keyboard-layout config)
                                      keyboard-layout-name))
                    (variant #$(and=> (xorg-configuration-keyboard-layout config)
                                      keyboard-layout-variant))
                    (model   #$(and=> (xorg-configuration-keyboard-layout config)
                                      keyboard-layout-model))
                    (options '#$(and=> (xorg-configuration-keyboard-layout config)
                                       keyboard-layout-options)))
                (when layout
                  (display (input-class-section layout variant model options)
                           port)
                  (newline port)))

              ;; The 'extra-config' strings are copied through unchanged.
              (for-each (lambda (config)
                          (display config port))
                        '#$(xorg-configuration-extra-config config))))))

    (computed-file "xserver.conf" build)))
331
(define (xorg-configuration-directory modules)
  "Return a directory holding symlinks to every @code{.conf} file found under
the @code{share/X11/xorg.conf.d} directory of each package listed in
@var{modules}.  Links are named after the base name of the file they point
to."
  (with-imported-modules '((guix build utils))
    (computed-file
     "xorg.conf.d"
     #~(begin
         (use-modules (guix build utils)
                      (srfi srfi-1))

         ;; Return the '.conf' files shipped by PACKAGE-DIRECTORY.
         (define (conf-files package-directory)
           (find-files (string-append package-directory
                                      "/share/X11/xorg.conf.d")
                       "\\.conf$"))

         (define (link-into-output conf)
           (symlink conf
                    (string-append #$output "/" (basename conf))))

         (mkdir #$output)
         (for-each link-into-output
                   (append-map conf-files (list #$@modules)))
         #t))))
357
(define* (xorg-wrapper #:optional (config (xorg-configuration)))
  "Return a derivation that builds a script to start the X server with the
given @var{config}.  The resulting script should be used in place of
@code{/usr/bin/X}.  Arguments given to the script are appended after the
@code{-xkbdir}, @code{-config} and @code{-configdir} options it sets."
  (define server
    (xorg-configuration-server config))

  (define config-file
    (xorg-configuration->file config))

  (define config-directory
    (xorg-configuration-directory (xorg-configuration-modules config)))

  (program-file
   "X-wrapper"
   ;; A small wrapper around the X server.
   #~(begin
       (setenv "XORG_DRI_DRIVER_PATH" (string-append #$mesa "/lib/dri"))
       (setenv "XKB_BINDIR" (string-append #$xkbcomp "/bin"))

       (let ((server-binary (string-append #$server "/bin/X")))
         ;; SERVER-BINARY appears twice: the second one is argv[0].
         (apply execl server-binary server-binary
                "-xkbdir" (string-append #$xkeyboard-config "/share/X11/xkb")
                "-config" #$config-file
                "-configdir" #$config-directory
                (cdr (command-line)))))))
377
(define* (xorg-start-command #:optional (config (xorg-configuration)))
  "Return a @code{startx} script in which the modules, fonts, etc. specified
in @var{config}, are available.  The result should be used in place of
@code{startx}.  The server arguments of @var{config} are passed before any
argument given to the script itself."
  (let ((wrapper   (xorg-wrapper config))
        (arguments (xorg-configuration-server-arguments config)))
    (program-file
     "startx"
     ;; A small wrapper around the X server wrapper.
     #~(apply execl #$wrapper #$wrapper          ;second WRAPPER is argv[0]
              "-logverbose" "-verbose" "-terminate"
              #$@arguments
              (cdr (command-line))))))
393
(define* (xinitrc #:key fallback-session)
  "Return a system-wide xinitrc script that starts the specified X session,
which should be passed to this script as the first argument. If not, the
@var{fallback-session} will be used or, if @var{fallback-session} is false, a
desktop session from the system or user profile will be used."
  (define builder
    #~(begin
        (use-modules (ice-9 match)
                     (ice-9 regex)
                     (ice-9 ftw)
                     (ice-9 rdelim)
                     (srfi srfi-1)
                     (srfi srfi-26))

        (define (close-all-fdes)
          ;; Close all the open file descriptors except 0 to 2.  The upper
          ;; bound is hard-coded: a descriptor numbered 4096 or above that
          ;; was inherited from the display manager would stay open in the
          ;; user session.
          (let loop ((fd 3))
            (when (< fd 4096)          ;FIXME: use sysconf + _SC_OPEN_MAX
              (false-if-exception (close-fdes fd))
              (loop (+ 1 fd)))))

        (define (exec-from-login-shell command . args)
          ;; Run COMMAND from a login shell so that it gets to see the same
          ;; environment variables that one gets when logging in on a tty, for
          ;; instance.
          ;;
          ;; NOTE(review): COMMAND and ARGS are joined with spaces and handed
          ;; to the shell's '-c' as one string, without quoting.  The shell
          ;; therefore re-splits the words and interprets any metacharacter
          ;; they contain.  The words come from this script's command line
          ;; (the session chosen in the display manager) or from the 'Exec='
          ;; line of a '.desktop' file; quote them before joining if either
          ;; source can be written by someone other than the logging-in user
          ;; or the administrator.
          (let* ((pw    (getpw (getuid)))
                 (shell (passwd:shell pw)))
            ;; Close any open file descriptors. This is all the more
            ;; important that SLiM itself exec's us directly without closing
            ;; its own file descriptors!
            (close-all-fdes)

            ;; The '--login' option is supported at least by Bash and zsh.
            (execl shell shell "--login" "-c"
                   (string-join (cons command args)))))

        (define system-profile
          "/run/current-system/profile")

        (define user-profile
          (and=> (getpw (getuid))
                 (lambda (pw)
                   (string-append (passwd:dir pw) "/.guix-profile"))))

        (define (xsession-command desktop-file)
          ;; Read from DESKTOP-FILE its X session command and return it as a
          ;; list.  The first line matching 'Exec=' wins; its value is split
          ;; with 'string-tokenize', so quoting inside the value is not
          ;; honoured.  Return #f when no such line exists.
          (define exec-regexp
            (make-regexp "^[[:blank:]]*Exec=(.*)$"))

          (call-with-input-file desktop-file
            (lambda (port)
              (let loop ()
                (match (read-line port)
                  ((? eof-object?) #f)
                  ((= (cut regexp-exec exec-regexp <>) result)
                   (if result
                       (string-tokenize (match:substring result 1))
                       (loop))))))))

        (define (find-session profile)
          ;; Return an X session command from PROFILE or #f if none was found.
          (let ((directory (string-append profile "/share/xsessions")))
            (match (scandir directory
                            (cut string-suffix? ".desktop" <>))
              ((or () #f)
               #f)
              ((sessions ...)
               (any xsession-command
                    (map (cut string-append directory "/" <>)
                         sessions))))))

        ;; NOTE(review): 'getenv' returns #f when HOME is unset, which would
        ;; make 'string-append' fail — presumably the display manager always
        ;; sets it; confirm.
        (let* ((home          (getenv "HOME"))
               (xsession-file (string-append home "/.xsession"))
               ;; SESSION is the list of words after argv[0], or the fallback
               ;; session (or #f) when the script got no argument.
               (session       (match (command-line)
                                ((_)
                                 #$(if fallback-session
                                       #~(list #$fallback-session)
                                       #f))
                                ((_ x ..1)
                                 x))))
          (if (file-exists? xsession-file)
              ;; Run ~/.xsession when it exists.
              (apply exec-from-login-shell xsession-file
                     (or session '()))
              ;; Otherwise, start the specified session or a fallback.  The
              ;; user's profile is searched before the system profile.  If
              ;; nothing is found the 'or' yields #f and 'apply' fails.
              (apply exec-from-login-shell
                     (or session
                         (find-session user-profile)
                         (find-session system-profile)))))))

  (program-file "xinitrc" builder))
486
(define-syntax handle-xorg-configuration
  (syntax-rules ()
    "Generate the `compose' and `extend' entries of a login manager
`service-type' to handle specifying the `xorg-configuration' through
a `service-extension', as used by `set-xorg-configuration'."
    ;; CONFIGURATION-RECORD is the record constructor of the login manager's
    ;; configuration; it must have an 'xorg-configuration' field.
    ((_ configuration-record service-type-definition)
     (service-type
       (inherit service-type-definition)
       ;; Only the first extension is kept; any further ones are ignored.
       (compose (lambda (extensions)
                  (match extensions
                    (() #f)
                    ((config . _) config))))
       ;; Replace the 'xorg-configuration' field only when an extension
       ;; supplied one; otherwise return CONFIG unchanged.
       (extend (lambda (config xorg-configuration)
                 (if xorg-configuration
                     (configuration-record
                      (inherit config)
                      (xorg-configuration xorg-configuration))
                     config)))))))
505
(define (xorg-server-profile-service config)
  ;; Return a one-element list holding a package named "xorg-wrapper" whose
  ;; 'bin/X' and 'bin/Xorg' are symlinks to the script built by
  ;; 'xorg-wrapper' for CONFIG.  Version, home page, synopsis, description
  ;; and license are copied from 'xorg-server'.
  ;; XXX: profile-service-type only accepts <package> objects.
  (list
   (package
     (name "xorg-wrapper")
     (version (package-version xorg-server))
     (source (xorg-wrapper config))
     (build-system trivial-build-system)
     (arguments
      '(#:modules ((guix build utils))
        #:builder
        (begin
          (use-modules (guix build utils))
          (let* ((source (assoc-ref %build-inputs "source"))
                 (out    (assoc-ref %outputs "out"))
                 (bin    (string-append out "/bin")))
            (mkdir-p bin)
            ;; Both names point at the same wrapper script.
            (symlink source (string-append bin "/X"))
            (symlink source (string-append bin "/Xorg"))
            #t))))
     (home-page (package-home-page xorg-server))
     (synopsis (package-synopsis xorg-server))
     (description (package-description xorg-server))
     (license (package-license xorg-server)))))
530
;; Service type that only extends the system profile with the X wrapper
;; package; it starts no daemon.  Its value is an <xorg-configuration>.
(define xorg-server-service-type
  (service-type
   (name 'xorg-server)
   (extensions
    (list (service-extension profile-service-type
                             xorg-server-profile-service)))
   (default-value (xorg-configuration))
   (description "Add @command{X} to the system profile, to be used with
@command{sx} or @command{xinit}.")))
540
541 \f
542 ;;;
543 ;;; SLiM log-in manager.
544 ;;;
545
(define %default-slim-theme
  ;; Theme based on work by Felipe López.  This is the "/slim" sub-directory
  ;; of the artwork repository; it is exported to SLiM as SLIM_THEMESDIR.
  (file-append %artwork-repository "/slim"))
549
(define %default-slim-theme-name
  ;; This must be the name of the sub-directory in %DEFAULT-SLIM-THEME that
  ;; contains the actual theme files.  It ends up as 'current_theme' in the
  ;; generated slim.cfg.
  "1.x")
554
;; Configuration of the SLiM log-in manager.
(define-record-type* <slim-configuration>
  slim-configuration make-slim-configuration
  slim-configuration?
  (slim slim-configuration-slim
        (default slim))
  ;; Forwarded to the "slim" PAM service.  The default accepts accounts with
  ;; an empty password; set it to #f on machines where that is not wanted.
  (allow-empty-passwords? slim-configuration-allow-empty-passwords?
                          (default #t))
  ;; Forwarded to the "slim" PAM service as '#:gnupg?'.
  (gnupg? slim-configuration-gnupg?
          (default #f))
  ;; When true, slim.cfg gets "auto_login yes" together with DEFAULT-USER.
  (auto-login? slim-configuration-auto-login?
               (default #f))
  (default-user slim-configuration-default-user
                (default ""))
  (theme slim-configuration-theme
         (default %default-slim-theme))
  (theme-name slim-configuration-theme-name
              (default %default-slim-theme-name))
  (xauth slim-configuration-xauth
         (default xauth))
  ;; Provides the 'halt' and 'reboot' commands offered on the login screen.
  (shepherd slim-configuration-shepherd
            (default shepherd))
  ;; Used as the fallback session of the generated xinitrc.
  (auto-login-session slim-configuration-auto-login-session
                      (default #f))
  (xorg-configuration slim-configuration-xorg
                      (default (xorg-configuration)))
  (display slim-configuration-display
           (default ":0"))
  ;; Also used to name the lock, auth and log files of this instance.
  (vt slim-configuration-vt
      (default "vt7"))
  (sessreg slim-configuration-sessreg
           (default sessreg)))
586
(define (slim-pam-service config)
  "Return a list holding the PAM service for @command{slim}, built from the
empty-password and GnuPG settings of @var{config}."
  (let ((empty-passwords? (slim-configuration-allow-empty-passwords? config))
        (gnupg?           (slim-configuration-gnupg? config)))
    (list (unix-pam-service "slim"
                            #:login-uid? #t
                            #:allow-empty-passwords? empty-passwords?
                            #:gnupg? gnupg?))))
596
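(define (slim-shepherd-service config)
  ;; Return a one-element list holding the Shepherd service that runs SLiM
  ;; for CONFIG, a <slim-configuration> record.  The service writes its
  ;; lock, auth and log files under names derived from the configured VT.
  (let* ((xinitrc (xinitrc #:fallback-session
                           (slim-configuration-auto-login-session config)))
         (xauth   (slim-configuration-xauth config))
         (startx  (xorg-start-command (slim-configuration-xorg config)))
         (display (slim-configuration-display config))
         (vt      (slim-configuration-vt config))
         (shepherd   (slim-configuration-shepherd config))
         (theme-name (slim-configuration-theme-name config))
         (sessreg    (slim-configuration-sessreg config))
         (lockfile   (string-append "/var/run/slim-" vt ".lock")))
    ;; NOTE(review): the 'default-user' string is inserted into slim.cfg
    ;; as-is; a newline in it would add extra configuration lines.
    (define slim.cfg
      (mixed-text-file "slim.cfg" "
default_path /run/current-system/profile/bin
default_xserver " startx "
display_name " display "
xserver_arguments " vt "
xauth_path " xauth "/bin/xauth
authfile /var/run/slim-" vt ".auth
lockfile " lockfile "
logfile /var/log/slim-" vt ".log

# The login command. '%session' is replaced by the chosen session name, one
# of the names specified in the 'sessions' setting: 'wmaker', 'xfce', etc.
login_cmd exec " xinitrc " %session
sessiondir /run/current-system/profile/share/xsessions
session_msg session (F1 to change):
sessionstart_cmd " sessreg "/bin/sessreg -a -l $DISPLAY %user
sessionstop_cmd " sessreg "/bin/sessreg -d -l $DISPLAY %user

halt_cmd " shepherd "/sbin/halt
reboot_cmd " shepherd "/sbin/reboot\n"
                       (if (slim-configuration-auto-login? config)
                           (string-append "auto_login yes\ndefault_user "
                                          (slim-configuration-default-user config) "\n")
                           "")
                       (if theme-name
                           (string-append "current_theme " theme-name "\n")
                           "")))

    (define theme
      (slim-configuration-theme config))

    (list (shepherd-service
           (documentation "Xorg display server")
           (provision (append
                       ;; For compatibility, also provide 'xorg-server'.
                       (if (string=? vt "vt7")
                           '(xorg-server)
                           '())

                       (list (symbol-append 'xorg-server-
                                            (string->symbol vt)))))
           (requirement '(user-processes host-name udev))
           (start
            #~(lambda ()
                ;; A stale lock file can prevent SLiM from starting, so remove it to
                ;; be on the safe side.  LOCKFILE is bound on the host side
                ;; only, so it has to be ungexp'd: a bare 'lockfile' inside
                ;; this gexp is an unbound variable in the Shepherd process,
                ;; and 'false-if-exception' would hide that error, leaving
                ;; the stale file in place.
                (false-if-exception (delete-file #$lockfile))

                (fork+exec-command
                 (list (string-append #$(slim-configuration-slim config)
                                      "/bin/slim")
                       "-nodaemon")
                 #:environment-variables
                 (list (string-append "SLIM_CFGFILE=" #$slim.cfg)
                       #$@(if theme
                              (list #~(string-append "SLIM_THEMESDIR=" #$theme))
                              #~())))))
           (stop #~(make-kill-destructor))
           (respawn? #t)))))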
668
;; Service type for SLiM.  It extends the Shepherd root service and the PAM
;; root service, and accepts an <xorg-configuration> through a service
;; extension (see 'handle-xorg-configuration').
(define slim-service-type
  (handle-xorg-configuration slim-configuration
    (service-type (name 'slim)
                  (extensions
                   (list (service-extension shepherd-root-service-type
                                            slim-shepherd-service)
                         (service-extension pam-root-service-type
                                            slim-pam-service)))
                  (default-value (slim-configuration))
                  (description
                   "Run the SLiM graphical login manager for X11."))))
680
681 \f
682 ;;;
683 ;;; Screen lockers & co.
684 ;;;
685
;; Description of a screen locker: NAME is used as the PAM service name,
;; PROGRAM is the executable that gets installed setuid, and EMPTY? tells
;; whether the PAM service accepts empty passwords.
(define-record-type <screen-locker>
  (screen-locker name program empty?)
  screen-locker?
  (name    screen-locker-name)                     ;string
  (program screen-locker-program)                  ;gexp
  (empty?  screen-locker-allows-empty-passwords?)) ;Boolean
692
(define (screen-locker-pam-services locker)
  ;; Return a one-element list holding the PAM service of LOCKER, a
  ;; <screen-locker> record.  The service is named after the locker.
  (match locker
    (($ <screen-locker> name _ empty?)
     (list (unix-pam-service name
                             #:allow-empty-passwords? empty?)))))
698
(define (screen-locker-setuid-programs locker)
  ;; Return a one-element list holding the setuid-program entry for the
  ;; executable of LOCKER, a <screen-locker> record.
  (list (file-like->setuid-program (screen-locker-program locker))))
701
;; Service type for screen lockers.  Every program registered through it is
;; installed setuid-root and gets its own PAM service, so only lockers that
;; are meant to run with that privilege should be registered.
(define screen-locker-service-type
  (service-type (name 'screen-locker)
                (extensions
                 (list (service-extension pam-root-service-type
                                          screen-locker-pam-services)
                       (service-extension setuid-program-service-type
                                          screen-locker-setuid-programs)))
                (description
                 "Allow the given program to be used as a screen locker for
the graphical server by making it setuid-root, so it can authenticate users,
and by creating a PAM service for it.")))
713
(define* (screen-locker-service package
                                #:optional
                                (program (package-name package))
                                #:key allow-empty-passwords?)
  "Return a service that adds @var{package}, a screen locker or screen saver
whose command is @var{program}, to the set of setuid programs and gives it a
PAM entry named @var{program}.  @var{program} defaults to the package name.
For example:

@lisp
(screen-locker-service xlockmore \"xlock\")
@end lisp

makes the good ol' XlockMore usable."
  (let ((executable (file-append package "/bin/" program)))
    (service screen-locker-service-type
             (screen-locker program
                            executable
                            allow-empty-passwords?))))
731
732 \f
733 ;;;
734 ;;; Locale service.
735 ;;;
736
;; Configuration of the 'localed' service.
(define-record-type* <localed-configuration>
  localed-configuration make-localed-configuration
  localed-configuration?
  (localed         localed-configuration-localed
                   (default localed))
  ;; #f or a <keyboard-layout>; when #f the service contributes nothing.
  (keyboard-layout localed-configuration-keyboard-layout
                   (default #f)))
744
(define (localed-dbus-service config)
  "Return the list of D-Bus services for 'localed' described by
@var{config}, a @code{<localed-configuration>} record.  The list is empty
when @var{config} has no keyboard layout."
  (define keyboard-layout
    (localed-configuration-keyboard-layout config))

  (define (optional-variable variable value)
    ;; Return a one-entry environment list when VALUE is true, else '().
    (if value
        `((,variable ,value))
        '()))

  ;; The primary purpose of 'localed' is to tell GDM what the "current" Xorg
  ;; keyboard layout is.  If 'localed' is missing, or if it's unable to
  ;; determine the current XKB layout, then GDM forcefully installs its
  ;; default XKB config (US English).  Here we communicate the configured
  ;; layout through environment variables.

  (if (not keyboard-layout)
      '()
      (let ((layout  (keyboard-layout-name keyboard-layout))
            (variant (keyboard-layout-variant keyboard-layout))
            (model   (keyboard-layout-model keyboard-layout))
            (options (keyboard-layout-options keyboard-layout)))
        (list (wrapped-dbus-service
               (localed-configuration-localed config)
               "libexec/localed/localed"
               `(("GUIX_XKB_LAYOUT" ,layout)
                 ,@(optional-variable "GUIX_XKB_VARIANT" variant)
                 ,@(optional-variable "GUIX_XKB_MODEL" model)
                 ,@(if (null? options)
                       '()
                       `(("GUIX_XKB_OPTIONS"
                          ,(string-join options ","))))))))))
777
;; Service type for 'localed'.  The package is added to udev, polkit and the
;; system profile only when a keyboard layout is configured.
(define localed-service-type
  (let ((package (lambda (config)
                   ;; Don't bother if the user didn't specify any keyboard
                   ;; layout.
                   (if (localed-configuration-keyboard-layout config)
                       (list (localed-configuration-localed config))
                       '()))))
    (service-type (name 'localed)
                  (extensions
                   (list (service-extension dbus-root-service-type
                                            localed-dbus-service)
                         (service-extension udev-service-type package)
                         (service-extension polkit-service-type package)

                         ;; Add 'localectl' to the profile.
                         (service-extension profile-service-type package)))

                  ;; This service can be extended, typically by the X login
                  ;; manager, to communicate the chosen Xorg keyboard layout.
                  ;; The first extension that is a keyboard layout wins; if
                  ;; there is none, 'find' returns #f and the field is set to
                  ;; #f.
                  (compose (lambda (extensions)
                             (find keyboard-layout? extensions)))
                  (extend (lambda (config keyboard-layout)
                            (localed-configuration
                             (inherit config)
                             (keyboard-layout keyboard-layout))))
                  (description
                   "Run the locale daemon, @command{localed}, which can be used
to control the system locale and keyboard mapping from user programs such as
the GNOME desktop environment.")
                  (default-value (localed-configuration)))))
808
809 \f
810 ;;;
811 ;;; Dconf.
812 ;;;
813
;; Declare the "maybe" variant of 'text-config', used below as the type
;; 'maybe-text-config' of the optional dconf profile content.
(define-maybe text-config)
815
;; A dconf keyfile: a file name plus its textual content.
(define-configuration/no-serialization dconf-keyfile
  (name string
        "The file name of the associated keyfile, e.g. \"00-login-screen\".")
  (content text-config "The content of the associated keyfile."))
820
;; A dconf system profile together with the keyfile compiled into its
;; database.  NAME is reused for the profile file, the database and the
;; keyfile directory created under /etc/dconf.
(define-configuration/no-serialization dconf-profile
  (name string "The file name of the dconf system profile, which should match
the name of the user for whom the profile is to be used. To have the
profile used, the environment variable \"DCONF_PROFILE\" should be set to the
profile file, e.g.:
@example
export DCONF_PROFILE=/etc/dconf/profile/gdm
@end example")
  (content maybe-text-config "The content of the Dconf profile. Unless
provided, it defaults to include the user database (\"user-db:NAME\") as well
as the system database (\"system-db:NAME\"), which corresponds to the
generated database, @file{/etc/dconf/db/NAME}.")
  (keyfile dconf-keyfile "The keyfile associated with the profile"))
834
;; Predicate for the 'profiles' field of <dconf-configuration>: true for a
;; list whose elements all satisfy 'dconf-profile?'.
(define dconf-profiles?
  (list-of dconf-profile?))
837
;; Top-level dconf configuration: the list of profiles to install.
(define-configuration/no-serialization dconf-configuration
  (profiles dconf-profiles "The list of <dconf-profile> objects to populate."))
840
(define (dconf-profile->profile-file profile)
  "Return the dconf profile file for PROFILE, a <dconf-profile> object.  When
PROFILE has no explicit content, the file lists the user database followed by
the system database, both named after the profile."
  (let* ((name    (dconf-profile-name profile))
         (content (dconf-profile-content profile))
         (lines   (if (maybe-value-set? content)
                      content
                      (list (string-append "user-db:" name)
                            (string-append "system-db:" name)))))
    ;; Each line is followed by a newline.
    (apply mixed-text-file name
           (interpose lines "\n" 'suffix))))
852
(define (dconf-profile->db-keyfile profile)
  "Given PROFILE, a <dconf-profile> object, return its keyfile as a text file
named after the keyfile."
  (let ((keyfile (dconf-profile-keyfile profile)))
    ;; Each element of the keyfile content is followed by a newline.
    (apply mixed-text-file (dconf-keyfile-name keyfile)
           (interpose (dconf-keyfile-content keyfile) "\n" 'suffix))))
858
(define (dconf-profile->db-keyfile-dir profile)
  "Return a directory, named after PROFILE, that holds a single symlink to
the keyfile of PROFILE.  'dconf compile' expects a directory of keyfiles."
  (let* ((keyfile   (dconf-profile->db-keyfile profile))
         (link-name (dconf-keyfile-name (dconf-profile-keyfile profile))))
    (computed-file (dconf-profile-name profile)
                   #~(begin
                       (mkdir #$output)
                       (symlink #$keyfile
                                (string-append #$output "/" #$link-name))))))
868
(define (dconf-profile->db profile)
  "Compile PROFILE, a <dconf-profile> object, into a GVariant database file
by running 'dconf compile' on its keyfile directory."
  (let ((profile-file      (dconf-profile->profile-file profile))
        (keyfile-directory (dconf-profile->db-keyfile-dir profile))
        (dconf-command     (file-append dconf "/bin/dconf")))
    (computed-file
     (dconf-profile-name profile)
     (with-imported-modules '((guix build utils))
       #~(begin
           (use-modules (guix build utils))
           (setenv "DCONF_PROFILE" #$profile-file)
           (invoke #$dconf-command "compile"
                   #$output #$keyfile-directory))))))
880
(define (dconf-profile->files profile)
  "Return, for PROFILE, a <dconf-profile> object, the list of (NAME FILE)
entries to be assembled under /etc: the profile file, the keyfile and the
compiled database, in that order."
  (let* ((name         (dconf-profile-name profile))
         (keyfile-name (dconf-keyfile-name (dconf-profile-keyfile profile)))
         (database     (string-append "dconf/db/" name)))
    `((,(string-append "dconf/profile/" name)
       ,(dconf-profile->profile-file profile))
      (,(string-append database ".d/" keyfile-name)
       ,(dconf-profile->db-keyfile profile))
      (,database
       ,(dconf-profile->db profile)))))
893
;; Service type whose value is a list of <dconf-profile> objects.  Extensions
;; contribute lists of profiles, which are concatenated and appended to the
;; service's own list.
(define dconf-service-type
  (service-type
   (name 'dconf-profile)
   (extensions
    (list (service-extension etc-service-type
                             (lambda (dconf-profiles)
                               (append-map dconf-profile->files
                                           dconf-profiles)))))
   (compose concatenate)
   (extend append)
   (default-value '())
   (description "Extend the @code{etc-service-type} to populate the file
hierarchy under @file{/etc/dconf} with the <dconf-profile> objects provided as
argument.")))
908
909 \f
910 ;;;
911 ;;; GNOME Desktop Manager.
912 ;;;
913
;; The dedicated "gdm" system group and account.  The account belongs to the
;; "video" supplementary group and has 'nologin' as its shell, so it cannot
;; be used for an interactive shell login.
(define %gdm-accounts
  (list (user-group (name "gdm") (system? #t))
        (user-account
         (name "gdm")
         (group "gdm")
         (supplementary-groups '("video"))
         (system? #t)
         (comment "GNOME Display Manager user")
         (home-directory "/var/lib/gdm")
         (shell (file-append shadow "/sbin/nologin")))))
924
;; Script that sets XDG_CONFIG_DIRS and XDG_DATA_DIRS from the user and
;; system profiles, then replaces itself with 'dbus-daemon'.  It is the
;; default of the 'dbus-daemon' field of <gdm-configuration>.
(define dbus-daemon-wrapper
  (program-file
   "gdm-dbus-wrapper"
   #~(begin
       (use-modules (srfi srfi-26))

       (define system-profile
         "/run/current-system/profile")

       (define user-profile
         (and=> (getpw (getuid))
                (lambda (pw)
                  (string-append (passwd:dir pw) "/.guix-profile"))))

       ;; If we are able to find the user's profile, we can add it to
       ;; the search paths set below.  We need to do this so that D-Bus
       ;; can start services installed by the user.  This allows
       ;; applications that require session D-Bus services (e.g,
       ;; 'evolution') to work even if those services are only available
       ;; in the user's profile.  See <https://bugs.gnu.org/35267>.
       ;;
       ;; The user's profile comes first in the list, so its entries
       ;; precede the system profile's in both search paths below.
       (define profiles
         (if user-profile
             (list user-profile system-profile)
             (list system-profile)))

       (setenv "XDG_CONFIG_DIRS"
               (string-join (map (cut string-append <> "/etc/xdg") profiles)
                            ":"))
       (setenv "XDG_DATA_DIRS"
               (string-join (map (cut string-append <> "/share") profiles)
                            ":"))
       ;; The whole argument vector, including this wrapper's own argv[0],
       ;; is handed to 'dbus-daemon'.
       (apply execl (string-append #$dbus "/bin/dbus-daemon")
              (program-arguments)))))
958
;; Wrapper script for Wayland sessions, similar to Xsession.
;;
;; See `xinitrc`.  By default, it launches the specified session through a
;; login shell.  With the default Guix configuration, this should source
;; /etc/profile, setting up the Guix profile environment variables.  However,
;; gdm launches its own graphical session through the same method, so we need
;; to ignore this case, since `gdm` doesn't have a login shell.
;;
;; NOTE(review): in the non-gdm branch the arguments are joined by
;; 'string-join' (with its default delimiter) into one string for the shell's
;; "-c" option, so the shell parses that string again: the original argument
;; boundaries are not preserved, and whitespace or shell metacharacters
;; inside an argument are interpreted by the shell.  Presumably the arguments
;; are the session command handed over by GDM -- confirm that only trusted
;; session definitions can reach this wrapper.
(define gdm-wayland-session-wrapper
  (program-file
   "gdm-wayland-session-wrapper"
   #~((let* ((user (getpw (getuid)))       ;passwd entry of the calling user
             (name (passwd:name user))
             (shell (passwd:shell user))   ;shell recorded in that entry
             (args (cdr (command-line))))  ;everything after the program name
        (if (string=? name "gdm")
            ;; GDM's own session: exec the command directly, with the
            ;; argument list passed through unchanged.
            (apply execl (cons (car args) args))
            ;; Any other user: run the command line through that user's
            ;; shell, started as a login shell.
            (execl shell shell "--login" "-c" (string-join args)))))))
976
;; Configuration record for the GDM service.  The fields that affect
;; authentication or remote access ('allow-empty-passwords?', 'auto-login?',
;; 'default-user', 'xdmcp?') are commented below with what this file does
;; with them.
(define-record-type* <gdm-configuration>
  gdm-configuration make-gdm-configuration
  gdm-configuration?
  ;; The GDM package; provides "/bin/gdm" and "/lib/security/pam_gdm.so".
  (gdm gdm-configuration-gdm (default gdm))
  ;; Passed as #:allow-empty-passwords? to the "gdm-password" PAM service.
  ;; Note that the default is #t.
  (allow-empty-passwords? gdm-configuration-allow-empty-passwords? (default #t))
  ;; When true, the generated configuration has AutomaticLoginEnable=true and
  ;; names 'default-user' as AutomaticLogin; 'default-user' must then be set.
  (auto-login? gdm-configuration-auto-login? (default #f))
  ;; When false, a custom "gdm" dconf profile disabling suspend on inactivity
  ;; is installed and selected through DCONF_PROFILE.
  (auto-suspend? gdm-configuration-auto-suspend? (default #t))
  ;; Program exported to GDM as GDM_DBUS_DAEMON.
  (dbus-daemon gdm-configuration-dbus-daemon (default dbus-daemon-wrapper))
  ;; Value of "Enable" in the [debug] section of the generated configuration.
  (debug? gdm-configuration-debug? (default #f))
  ;; User name written as AutomaticLogin when 'auto-login?' is true.
  (default-user gdm-configuration-default-user (default #f))
  ;; Packages whose "/share" directories are added to GDM's XDG_DATA_DIRS;
  ;; also added to the system profile by the service type.
  (gnome-shell-assets gdm-configuration-gnome-shell-assets
                      (default (list adwaita-icon-theme font-abattis-cantarell)))
  ;; <xorg-configuration> used to build the X server wrapper (GDM_X_SERVER).
  (xorg-configuration gdm-configuration-xorg
                      (default (xorg-configuration)))
  ;; Program exported to GDM as GDM_X_SESSION.
  (x-session gdm-configuration-x-session
             (default (xinitrc)))
  ;; Value of "Enable" in the [xdmcp] section; when true, a polkit rule
  ;; allowing colord actions is installed as well.
  (xdmcp? gdm-configuration-xdmcp?
          (default #f))
  ;; Value of WaylandEnable in the [daemon] section.
  (wayland? gdm-configuration-wayland? (default #f))
  ;; Program exported to GDM as GDM_WAYLAND_SESSION.
  (wayland-session gdm-configuration-wayland-session
                   (default gdm-wayland-session-wrapper)))
998
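(define (gdm-dconf-profiles config)
  "Return the list of <dconf-profile> records GDM needs for CONFIG: the empty
list when auto-suspend is left enabled, otherwise a single \"gdm\" profile
whose keyfile disables suspend on inactivity."
  (if (gdm-configuration-auto-suspend? config)
      '()                               ;no custom profile needed
      ;; This custom dconf profile works around a lack of configuration option
      ;; to disable auto-suspend when no users are physically logged in (see:
      ;; https://gitlab.gnome.org/GNOME/gnome-control-center/-/issues/22).
      (list (dconf-profile
             (name "gdm")
             ;; Start from the profile shipped by the GDM package selected in
             ;; CONFIG -- the same package whose binary and PAM module the
             ;; service uses -- rather than from the default 'gdm' variable,
             ;; then add the "gdm" system database defined below.
             (content (list #~(begin
                                (use-modules (ice-9 textual-ports))
                                (string-trim
                                 (call-with-input-file
                                     #$(file-append
                                        (gdm-configuration-gdm config)
                                        "/share/dconf/profile/gdm")
                                   get-string-all)))
                            "system-db:gdm"))
             (keyfile (dconf-keyfile
                       (name "00-disable-suspend")
                       (content
                        (list "[org/gnome/settings-daemon/plugins/power]"
                              "sleep-inactive-ac-type='nothing'"
                              "sleep-inactive-battery-type='nothing'"
                              "sleep-inactive-ac-timeout=0"
                              "sleep-inactive-battery-timeout=0"))))))))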
1022
(define (gdm-configuration-file config)
  "Return the \"gdm-custom.conf\" file generated from CONFIG.  An error is
raised when auto-login is requested but CONFIG names no default user."
  ;; Render "KEY=true" or "KEY=false" followed by a newline.
  (define (boolean-line key enabled?)
    (string-append key "=" (if enabled? "true" "false") "\n"))

  ;; Automatic login is only switched on together with an explicit user.
  (define auto-login-lines
    (if (gdm-configuration-auto-login? config)
        (let ((user (gdm-configuration-default-user config)))
          (unless user
            (error "missing default user for auto-login"))
          (string-append "AutomaticLoginEnable=true\n"
                         "AutomaticLogin=" user "\n"))
        (string-append "AutomaticLoginEnable=false\n"
                       "#AutomaticLogin=\n")))

  (mixed-text-file "gdm-custom.conf"
                   "[daemon]\n"
                   "#User=gdm\n"
                   "#Group=gdm\n"
                   auto-login-lines
                   "#TimedLoginEnable=false\n"
                   "#TimedLogin=\n"
                   "#TimedLoginDelay=0\n"
                   ;; Initial system setup inside GDM stays disabled: such
                   ;; settings are expected to come from `guix system'.  See
                   ;; <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=39281>.
                   "InitialSetupEnable=false\n"
                   (boolean-line "WaylandEnable"
                                 (gdm-configuration-wayland? config))
                   "\n"
                   "[debug]\n"
                   (boolean-line "Enable"
                                 (gdm-configuration-debug? config))
                   "\n"
                   "[security]\n"
                   "#DisallowTCP=true\n"
                   "#AllowRemoteAutoLogin=false\n"
                   "\n"
                   "[xdmcp]\n"
                   (boolean-line "Enable"
                                 (gdm-configuration-xdmcp? config))))
1061
(define (gdm-pam-service config)
  "Return the list of PAM services used by @command{gdm}:
@code{gdm-autologin}, @code{gdm-launch-environment} and @code{gdm-password}.
Only @code{gdm-password} depends on CONFIG, through its
@code{allow-empty-passwords?} field."
  (list
   ;; "gdm-autologin": the 'auth' stack of the inherited service is replaced
   ;; by an optional pam_gdm.so entry followed by a sufficient pam_permit.so
   ;; entry.
   (pam-service
    (inherit (unix-pam-service "gdm-autologin"
                               #:login-uid? #t))
    (auth (list (pam-entry
                 (control "optional")
                 (module (file-append (gdm-configuration-gdm config)
                                      "/lib/security/pam_gdm.so")))
                (pam-entry
                 (control "sufficient")
                 (module "pam_permit.so")))))
   ;; "gdm-launch-environment": the 'auth' stack is a single required
   ;; pam_permit.so entry.
   (pam-service
    (inherit (unix-pam-service "gdm-launch-environment"))
    (auth (list (pam-entry
                 (control "required")
                 (module "pam_permit.so")))))
   ;; "gdm-password": the regular password login.  Whether empty passwords
   ;; are accepted follows the 'allow-empty-passwords?' field of CONFIG,
   ;; which defaults to #t in <gdm-configuration>.
   (unix-pam-service "gdm-password"
                     #:login-uid? #t
                     #:allow-empty-passwords?
                     (gdm-configuration-allow-empty-passwords? config))))
1084
(define (gdm-shepherd-service config)
  "Return a one-element list holding the Shepherd service that runs GDM
according to CONFIG."
  ;; Generated "gdm-custom.conf"; used both in GDM's environment and for the
  ;; service's 'actions' field below.
  (define config-file
    (gdm-configuration-file config))

  (list (shepherd-service
         (documentation "Xorg display server (GDM)")
         (provision '(xorg-server))
         (requirement '(dbus-system user-processes host-name udev elogind))
         (start #~(lambda ()
                    (fork+exec-command
                     (list #$(file-append (gdm-configuration-gdm config)
                                          "/bin/gdm"))
                     ;; Environment handed to the GDM process; the store
                     ;; paths of the configuration file and helper programs
                     ;; reach GDM through these variables.
                     #:environment-variables
                     ;; DCONF_PROFILE is set only when auto-suspend is
                     ;; disabled, i.e., when the custom "gdm" dconf profile
                     ;; is installed.
                     (list #$@(if (gdm-configuration-auto-suspend? config)
                                  #~()
                                  #~("DCONF_PROFILE=/etc/dconf/profile/gdm"))
                           (string-append "GDM_CUSTOM_CONF=" #$config-file)
                           (string-append
                            "GDM_DBUS_DAEMON="
                            #$(gdm-configuration-dbus-daemon config))
                           (string-append
                            "GDM_X_SERVER="
                            #$(xorg-wrapper
                               (gdm-configuration-xorg config)))
                           (string-append
                            "GDM_X_SESSION="
                            #$(gdm-configuration-x-session config))
                           ;; Colon-separated "/share" directories of GNOME
                           ;; Shell and of the configured assets.
                           (string-append
                            "XDG_DATA_DIRS="
                            ((lambda (ls) (string-join ls ":"))
                             (map (lambda (path)
                                    (string-append path "/share"))
                                  ;; XXX: Remove gnome-shell below when GDM
                                  ;; can depend on GNOME Shell directly.
                                  (cons #$gnome-shell
                                        '#$(gdm-configuration-gnome-shell-assets
                                            config)))))
                           ;; Add XCURSOR_PATH so that mutter can find its
                           ;; cursors.  gdm doesn't login so doesn't source
                           ;; the corresponding line in /etc/profile.
                           "XCURSOR_PATH=/run/current-system/profile/share/icons"
                           (string-append
                            "GDK_PIXBUF_MODULE_FILE="
                            #$gnome-shell "/" #$%gdk-pixbuf-loaders-cache-file)
                           (string-append
                            "GDM_WAYLAND_SESSION="
                            #$(gdm-configuration-wayland-session config))))))
         (stop #~(make-kill-destructor))
         ;; Shepherd action built from the generated configuration file;
         ;; presumably it lets an administrator see which "gdm-custom.conf"
         ;; the running service uses -- confirm against
         ;; 'shepherd-configuration-action'.
         (actions (list (shepherd-configuration-action config-file)))
         (respawn? #t))))
1135
;; Return the polkit rule packages GDM needs for CONFIG: one generated
;; "02-allow-colord.rules" file when XDMCP is enabled, the empty list
;; otherwise.
(define gdm-polkit-rules
  (lambda (config)
    (if (gdm-configuration-xdmcp? config)
        ;; Allow remote (XDMCP) users to use colord; otherwise an
        ;; authentication dialog would appear on the GDM screen (see the
        ;; upstream bug:
        ;; https://gitlab.gnome.org/GNOME/gnome-settings-daemon/-/issues/273).
        (list (computed-file
               "02-allow-colord.rules"
               (with-imported-modules '((guix build utils))
                 #~(begin
                     (use-modules (guix build utils))

                     (let* ((rules.d
                             (string-append #$output
                                            "/share/polkit-1"
                                            "/rules.d"))
                            (allow-colord.rules (string-append
                                                 rules.d
                                                 "/02-allow-colord.rules")))
                       (mkdir-p rules.d)
                       (call-with-output-file allow-colord.rules
                         (lambda (port)
                           ;; This workaround lets local and remote users
                           ;; use colord (see:
                           ;; https://c-nergy.be/blog/?p=12073).
                           ;;
                           ;; NOTE(review): the rule below never inspects
                           ;; 'subject', so it is not restricted to members
                           ;; of the "users" group; it answers YES for every
                           ;; caller.  'match' also treats its argument as an
                           ;; unanchored pattern, so any action id containing
                           ;; a match is allowed, and each grant is logged
                           ;; with a "POLKIT DEBUG" message.  Confirm that
                           ;; this breadth is intended; a narrower rule would
                           ;; compare the action id prefix and check
                           ;; subject.isInGroup.
                           (format port "\
polkit.addRule(function(action, subject) {
if (action.id.match(\"org.freedesktop.color-manager\")) {
polkit.log(\"POLKIT DEBUG returning YES for action: \" + action);
return polkit.Result.YES;
}
});~%"))))))))
        '())))
1170
;; Service type for GDM.  The service-type form is wrapped in
;; 'handle-xorg-configuration'; each extension below maps the
;; <gdm-configuration> value to what the target service expects.
(define gdm-service-type
  (handle-xorg-configuration gdm-configuration
    (service-type (name 'gdm)
                  (extensions
                   ;; Shepherd service that starts the GDM daemon.
                   (list (service-extension shepherd-root-service-type
                                            gdm-shepherd-service)
                         ;; The "gdm" system user and group, regardless of
                         ;; the configuration.
                         (service-extension account-service-type
                                            (const %gdm-accounts))
                         ;; Custom dconf profile, only when auto-suspend is
                         ;; disabled.
                         (service-extension dconf-service-type
                                            gdm-dconf-profiles)
                         ;; PAM services "gdm-autologin",
                         ;; "gdm-launch-environment" and "gdm-password".
                         (service-extension pam-root-service-type
                                            gdm-pam-service)
                         ;; polkit rule for colord, only when XDMCP is
                         ;; enabled.
                         (service-extension polkit-service-type
                                            gdm-polkit-rules)
                         ;; The GNOME Shell assets are added to the system
                         ;; profile.
                         (service-extension profile-service-type
                                            gdm-configuration-gnome-shell-assets)
                         ;; The GDM package itself is handed to the D-Bus
                         ;; root service.
                         (service-extension dbus-root-service-type
                                            (compose list
                                                     gdm-configuration-gdm))
                         ;; Keyboard layout of the Xorg configuration, passed
                         ;; on to localed.
                         (service-extension localed-service-type
                                            (compose
                                             xorg-configuration-keyboard-layout
                                             gdm-configuration-xorg))))
                  (default-value (gdm-configuration))
                  (description
                   "Run the GNOME Desktop Manager (GDM), a program that allows
you to log in in a graphical session, whether or not you use GNOME."))))
1198
;; GDM pulls in Rust (gdm -> gnome-shell -> gjs -> mozjs -> rust), and Rust is
;; currently unavailable on non-x86_64 platforms, so SDDM is the default
;; log-in manager there (FIXME).
(define* (set-xorg-configuration config
                                 #:optional
                                 (login-manager-service-type
                                  (cond ((target-x86-64?) gdm-service-type)
                                        (else sddm-service-type))))
  "Return a service that extends the log-in manager of type
@var{login-manager-service-type} so that it uses @var{config}, an
<xorg-configuration> record."
  (simple-service 'set-xorg-configuration
                  login-manager-service-type
                  config))
1213
1214 ;;; xorg.scm ends here