Commit | Line | Data |
---|---|---|
db4fdc04 | 1 | ;;; GNU Guix --- Functional package management for GNU |
92753a8b | 2 | ;;; Copyright © 2017 Andy Wingo <wingo@igalia.com> |
c510cbb4 | 3 | ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org> |
4bd43bbe | 4 | ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com> |
db4fdc04 LC |
5 | ;;; |
6 | ;;; This file is part of GNU Guix. | |
7 | ;;; | |
8 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
9 | ;;; under the terms of the GNU General Public License as published by | |
10 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
11 | ;;; your option) any later version. | |
12 | ;;; | |
13 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
14 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | ;;; GNU General Public License for more details. | |
17 | ;;; | |
18 | ;;; You should have received a copy of the GNU General Public License | |
19 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
20 | ||
21 | (define-module (gnu services xorg) | |
84dfb458 | 22 | #:use-module (gnu artwork) |
db4fdc04 | 23 | #:use-module (gnu services) |
0190c1c0 | 24 | #:use-module (gnu services shepherd) |
6e828634 | 25 | #:use-module (gnu system pam) |
6e99c01b | 26 | #:use-module (gnu services dbus) |
bdb36958 LC |
27 | #:use-module ((gnu packages base) #:select (canonical-package)) |
28 | #:use-module (gnu packages guile) | |
db4fdc04 LC |
29 | #:use-module (gnu packages xorg) |
30 | #:use-module (gnu packages gl) | |
5fd66a37 | 31 | #:use-module (gnu packages display-managers) |
9e4eddb4 | 32 | #:use-module (gnu packages gnustep) |
6e99c01b | 33 | #:use-module (gnu packages gnome) |
db4fdc04 LC |
34 | #:use-module (gnu packages admin) |
35 | #:use-module (gnu packages bash) | |
6e99c01b | 36 | #:use-module (gnu system shadow) |
b5f4e686 | 37 | #:use-module (guix gexp) |
e87f0591 | 38 | #:use-module (guix store) |
6726282b | 39 | #:use-module (guix packages) |
db4fdc04 | 40 | #:use-module (guix derivations) |
ffc3a02b | 41 | #:use-module (guix records) |
d2e59637 | 42 | #:use-module (srfi srfi-1) |
6726282b | 43 | #:use-module (srfi srfi-9) |
d2e59637 LC |
44 | #:use-module (srfi srfi-26) |
45 | #:use-module (ice-9 match) | |
d1cdd7ba | 46 | #:export (xorg-configuration-file |
79fd74fa | 47 | %default-xorg-modules |
92753a8b | 48 | xorg-wrapper |
d1cdd7ba | 49 | xorg-start-command |
f2901d82 DC |
50 | xinitrc |
51 | ||
0ecc3bf3 LC |
52 | %default-slim-theme |
53 | %default-slim-theme-name | |
4b7513e0 DT |
54 | slim-configuration |
55 | slim-service-type | |
6726282b LC |
56 | slim-service |
57 | ||
24e96431 TČ |
58 | screen-locker |
59 | screen-locker? | |
6726282b | 60 | screen-locker-service-type |
6e99c01b AW |
61 | screen-locker-service |
62 | ||
63 | gdm-configuration | |
64 | gdm-service-type | |
65 | gdm-service)) | |
db4fdc04 LC |
66 | |
67 | ;;; Commentary: | |
68 | ;;; | |
69 | ;;; Services that relate to the X Window System. | |
70 | ;;; | |
71 | ;;; Code: | |
72 | ||
12422c9d LC |
73 | (define* (xorg-configuration-file #:key (drivers '()) (resolutions '()) |
74 | (extra-config '())) | |
d1cdd7ba LC |
75 | "Return a configuration file for the Xorg server containing search paths for |
76 | all the common drivers. | |
f703413e LC |
77 | |
78 | @var{drivers} must be either the empty list, in which case Xorg chooses a | |
79 | graphics driver automatically, or a list of driver names that will be tried in | |
d2e59637 LC |
80 | this order---e.g., @code{(\"modesetting\" \"vesa\")}. |
81 | ||
82 | Likewise, when @var{resolutions} is the empty list, Xorg chooses an | |
83 | appropriate screen resolution; otherwise, it must be a list of | |
12422c9d LC |
84 | resolutions---e.g., @code{((1024 768) (640 480))}. |
85 | ||
86 | Last, @var{extra-config} is a list of strings or objects appended to the | |
be1c2c54 LC |
87 | @code{mixed-text-file} argument list. It is used to pass extra text to be |
88 | added verbatim to the configuration file." | |
f703413e LC |
89 | (define (device-section driver) |
90 | (string-append " | |
91 | Section \"Device\" | |
92 | Identifier \"device-" driver "\" | |
93 | Driver \"" driver "\" | |
94 | EndSection")) | |
db4fdc04 | 95 | |
d2e59637 LC |
96 | (define (screen-section driver resolutions) |
97 | (string-append " | |
98 | Section \"Screen\" | |
99 | Identifier \"screen-" driver "\" | |
100 | Device \"device-" driver "\" | |
101 | SubSection \"Display\" | |
102 | Modes " | |
103 | (string-join (map (match-lambda | |
d1cdd7ba LC |
104 | ((x y) |
105 | (string-append "\"" (number->string x) | |
106 | "x" (number->string y) "\""))) | |
d2e59637 LC |
107 | resolutions)) " |
108 | EndSubSection | |
109 | EndSection")) | |
110 | ||
be1c2c54 | 111 | (apply mixed-text-file "xserver.conf" " |
db4fdc04 | 112 | Section \"Files\" |
d1ccd094 EB |
113 | FontPath \"" font-alias "/share/fonts/X11/75dpi\" |
114 | FontPath \"" font-alias "/share/fonts/X11/100dpi\" | |
115 | FontPath \"" font-alias "/share/fonts/X11/misc\" | |
116 | FontPath \"" font-alias "/share/fonts/X11/cyrillic\" | |
378377eb | 117 | FontPath \"" font-adobe75dpi "/share/fonts/X11/75dpi\" |
db4fdc04 | 118 | ModulePath \"" xf86-video-vesa "/lib/xorg/modules/drivers\" |
0adb027b | 119 | ModulePath \"" xf86-video-fbdev "/lib/xorg/modules/drivers\" |
3126fd88 | 120 | ModulePath \"" xf86-video-ati "/lib/xorg/modules/drivers\" |
0adb027b LC |
121 | ModulePath \"" xf86-video-cirrus "/lib/xorg/modules/drivers\" |
122 | ModulePath \"" xf86-video-intel "/lib/xorg/modules/drivers\" | |
123 | ModulePath \"" xf86-video-mach64 "/lib/xorg/modules/drivers\" | |
ca63770a | 124 | ModulePath \"" xf86-video-nouveau "/lib/xorg/modules/drivers\" |
0adb027b | 125 | ModulePath \"" xf86-video-nv "/lib/xorg/modules/drivers\" |
2c37a34c | 126 | ModulePath \"" xf86-video-sis "/lib/xorg/modules/drivers\" |
c2ee19e6 LC |
127 | |
128 | # Libinput is the new thing and is recommended over evdev/synaptics | |
129 | # by those who know: | |
130 | # <http://who-t.blogspot.fr/2015/01/xf86-input-libinput-compatibility-with.html>. | |
131 | ModulePath \"" xf86-input-libinput "/lib/xorg/modules/input\" | |
132 | ||
073cd609 | 133 | ModulePath \"" xf86-input-evdev "/lib/xorg/modules/input\" |
db4fdc04 | 134 | ModulePath \"" xf86-input-keyboard "/lib/xorg/modules/input\" |
0adb027b LC |
135 | ModulePath \"" xf86-input-mouse "/lib/xorg/modules/input\" |
136 | ModulePath \"" xf86-input-synaptics "/lib/xorg/modules/input\" | |
db4fdc04 | 137 | ModulePath \"" xorg-server "/lib/xorg/modules\" |
23290064 | 138 | ModulePath \"" xorg-server "/lib/xorg/modules/drivers\" |
db4fdc04 LC |
139 | ModulePath \"" xorg-server "/lib/xorg/modules/extensions\" |
140 | ModulePath \"" xorg-server "/lib/xorg/modules/multimedia\" | |
141 | EndSection | |
142 | ||
143 | Section \"ServerFlags\" | |
e30442b5 | 144 | Option \"AllowMouseOpenFail\" \"on\" |
db4fdc04 | 145 | EndSection |
f703413e | 146 | " |
12422c9d | 147 | (string-join (map device-section drivers) "\n") "\n" |
d2e59637 LC |
148 | (string-join (map (cut screen-section <> resolutions) |
149 | drivers) | |
12422c9d LC |
150 | "\n") |
151 | ||
152 | "\n" | |
153 | extra-config)) | |
db4fdc04 | 154 | |
79fd74fa AW |
155 | (define %default-xorg-modules |
156 | (list xf86-video-vesa | |
157 | xf86-video-fbdev | |
3126fd88 | 158 | xf86-video-ati |
79fd74fa AW |
159 | xf86-video-cirrus |
160 | xf86-video-intel | |
161 | xf86-video-mach64 | |
162 | xf86-video-nouveau | |
163 | xf86-video-nv | |
164 | xf86-video-sis | |
165 | xf86-input-libinput | |
166 | xf86-input-evdev | |
167 | xf86-input-keyboard | |
168 | xf86-input-mouse | |
169 | xf86-input-synaptics)) | |
170 | ||
171 | (define (xorg-configuration-directory modules) | |
172 | "Return a directory that contains the @code{.conf} files for X.org that | |
173 | includes the @code{share/X11/xorg.conf.d} directories of each package listed | |
174 | in @var{modules}." | |
4ee96a79 LC |
175 | (with-imported-modules '((guix build utils)) |
176 | (computed-file "xorg.conf.d" | |
177 | #~(begin | |
178 | (use-modules (guix build utils) | |
179 | (srfi srfi-1)) | |
180 | ||
181 | (define files | |
182 | (append-map (lambda (module) | |
183 | (find-files (string-append | |
184 | module | |
185 | "/share/X11/xorg.conf.d") | |
186 | "\\.conf$")) | |
187 | (list #$@modules))) | |
188 | ||
189 | (mkdir #$output) | |
190 | (for-each (lambda (file) | |
191 | (symlink file | |
192 | (string-append #$output "/" | |
193 | (basename file)))) | |
194 | files) | |
195 | #t)))) | |
79fd74fa | 196 | |
92753a8b AW |
197 | (define* (xorg-wrapper #:key |
198 | (guile (canonical-package guile-2.0)) | |
199 | (configuration-file (xorg-configuration-file)) | |
200 | (modules %default-xorg-modules) | |
201 | (xorg-server xorg-server)) | |
d1cdd7ba LC |
202 | "Return a derivation that builds a @var{guile} script to start the X server |
203 | from @var{xorg-server}. @var{configuration-file} is the server configuration | |
204 | file or a derivation that builds it; when omitted, the result of | |
92753a8b AW |
205 | @code{xorg-configuration-file} is used. The resulting script should be used |
206 | in place of @code{/usr/bin/X}." | |
be1c2c54 LC |
207 | (define exp |
208 | ;; Write a small wrapper around the X server. | |
209 | #~(begin | |
210 | (setenv "XORG_DRI_DRIVER_PATH" (string-append #$mesa "/lib/dri")) | |
211 | (setenv "XKB_BINDIR" (string-append #$xkbcomp "/bin")) | |
212 | ||
92753a8b AW |
213 | (let ((X (string-append #$xorg-server "/bin/X"))) |
214 | (apply execl X X | |
215 | "-xkbdir" (string-append #$xkeyboard-config "/share/X11/xkb") | |
216 | "-config" #$configuration-file | |
217 | "-configdir" #$(xorg-configuration-directory modules) | |
218 | (cdr (command-line)))))) | |
219 | ||
220 | (program-file "X-wrapper" exp)) | |
be1c2c54 | 221 | |
92753a8b AW |
222 | (define* (xorg-start-command #:key |
223 | (guile (canonical-package guile-2.0)) | |
224 | (configuration-file (xorg-configuration-file)) | |
225 | (modules %default-xorg-modules) | |
226 | (xorg-server xorg-server)) | |
227 | "Return a derivation that builds a @code{startx} script in which a number of | |
228 | X modules are available. See @code{xorg-wrapper} for more details on the | |
229 | arguments. The result should be used in place of @code{startx}." | |
230 | (define X | |
231 | (xorg-wrapper #:guile guile | |
232 | #:configuration-file configuration-file | |
233 | #:modules modules | |
234 | #:xorg-server xorg-server)) | |
235 | (define exp | |
236 | ;; Write a small wrapper around the X server. | |
237 | #~(apply execl #$X #$X ;; Second #$X is for argv[0]. | |
238 | "-logverbose" "-verbose" "-nolisten" "tcp" "-terminate" | |
239 | (cdr (command-line)))) | |
be1c2c54 | 240 | |
92753a8b | 241 | (program-file "startx" exp)) |
db4fdc04 | 242 | |
9e4eddb4 | 243 | (define* (xinitrc #:key |
bdb36958 | 244 | (guile (canonical-package guile-2.0)) |
24d56899 SB |
245 | fallback-session) |
246 | "Return a system-wide xinitrc script that starts the specified X session, | |
247 | which should be passed to this script as the first argument. If not, the | |
248 | @var{fallback-session} will be used." | |
8779d342 LC |
249 | (define builder |
250 | #~(begin | |
251 | (use-modules (ice-9 match)) | |
252 | ||
16c33bfb LC |
253 | (define (close-all-fdes) |
254 | ;; Close all the open file descriptors except 0 to 2. | |
255 | (let loop ((fd 3)) | |
256 | (when (< fd 4096) ;FIXME: use sysconf + _SC_OPEN_MAX | |
257 | (false-if-exception (close-fdes fd)) | |
258 | (loop (+ 1 fd))))) | |
259 | ||
b2bd7c25 LC |
260 | (define (exec-from-login-shell command . args) |
261 | ;; Run COMMAND from a login shell so that it gets to see the same | |
262 | ;; environment variables that one gets when logging in on a tty, for | |
263 | ;; instance. | |
264 | (let* ((pw (getpw (getuid))) | |
e0b85670 SB |
265 | (shell (passwd:shell pw))) |
266 | ;; Close any open file descriptors. This is all the more | |
267 | ;; important that SLiM itself exec's us directly without closing | |
268 | ;; its own file descriptors! | |
269 | (close-all-fdes) | |
270 | ||
271 | ;; The '--login' option is supported at least by Bash and zsh. | |
272 | (execl shell shell "--login" "-c" | |
273 | (string-join (cons command args))))) | |
274 | ||
275 | (let* ((home (getenv "HOME")) | |
276 | (xsession-file (string-append home "/.xsession")) | |
277 | (session (match (command-line) | |
c510cbb4 LC |
278 | ((_) (list #$fallback-session)) |
279 | ((_ x ..1) x)))) | |
e0b85670 SB |
280 | (if (file-exists? xsession-file) |
281 | ;; Run ~/.xsession when it exists. | |
f2ab9250 | 282 | (apply exec-from-login-shell xsession-file session) |
e0b85670 | 283 | ;; Otherwise, start the specified session. |
c510cbb4 LC |
284 | (apply exec-from-login-shell session))))) |
285 | ||
be1c2c54 | 286 | (program-file "xinitrc" builder)) |
9e4eddb4 | 287 | |
0ecc3bf3 LC |
288 | \f |
289 | ;;; | |
290 | ;;; SLiM log-in manager. | |
291 | ;;; | |
292 | ||
0ecc3bf3 LC |
293 | (define %default-slim-theme |
294 | ;; Theme based on work by Felipe López. | |
9e41130b | 295 | (file-append %artwork-repository "/slim")) |
0ecc3bf3 LC |
296 | |
297 | (define %default-slim-theme-name | |
298 | ;; This must be the name of the sub-directory in %DEFAULT-SLIM-THEME that | |
299 | ;; contains the actual theme files. | |
cf2abac8 | 300 | "0.x") |
0ecc3bf3 | 301 | |
0adfe95a LC |
302 | (define-record-type* <slim-configuration> |
303 | slim-configuration make-slim-configuration | |
304 | slim-configuration? | |
305 | (slim slim-configuration-slim | |
306 | (default slim)) | |
307 | (allow-empty-passwords? slim-configuration-allow-empty-passwords?) | |
308 | (auto-login? slim-configuration-auto-login?) | |
309 | (default-user slim-configuration-default-user) | |
310 | (theme slim-configuration-theme) | |
311 | (theme-name slim-configuration-theme-name) | |
312 | (xauth slim-configuration-xauth | |
313 | (default xauth)) | |
26b94866 AK |
314 | (shepherd slim-configuration-shepherd |
315 | (default shepherd)) | |
0adfe95a LC |
316 | (bash slim-configuration-bash |
317 | (default bash)) | |
318 | (auto-login-session slim-configuration-auto-login-session) | |
319 | (startx slim-configuration-startx)) | |
320 | ||
321 | (define (slim-pam-service config) | |
322 | "Return a PAM service for @command{slim}." | |
323 | (list (unix-pam-service | |
324 | "slim" | |
325 | #:allow-empty-passwords? | |
326 | (slim-configuration-allow-empty-passwords? config)))) | |
327 | ||
d4053c71 | 328 | (define (slim-shepherd-service config) |
0adfe95a LC |
329 | (define slim.cfg |
330 | (let ((xinitrc (xinitrc #:fallback-session | |
331 | (slim-configuration-auto-login-session config))) | |
332 | (slim (slim-configuration-slim config)) | |
333 | (xauth (slim-configuration-xauth config)) | |
334 | (startx (slim-configuration-startx config)) | |
26b94866 | 335 | (shepherd (slim-configuration-shepherd config)) |
0adfe95a LC |
336 | (theme-name (slim-configuration-theme-name config))) |
337 | (mixed-text-file "slim.cfg" " | |
338 | default_path /run/current-system/profile/bin | |
339 | default_xserver " startx " | |
340 | xserver_arguments :0 vt7 | |
341 | xauth_path " xauth "/bin/xauth | |
342 | authfile /var/run/slim.auth | |
343 | ||
344 | # The login command. '%session' is replaced by the chosen session name, one | |
345 | # of the names specified in the 'sessions' setting: 'wmaker', 'xfce', etc. | |
346 | login_cmd exec " xinitrc " %session | |
347 | sessiondir /run/current-system/profile/share/xsessions | |
348 | session_msg session (F1 to change): | |
349 | ||
26b94866 AK |
350 | halt_cmd " shepherd "/sbin/halt |
351 | reboot_cmd " shepherd "/sbin/reboot\n" | |
0adfe95a LC |
352 | (if (slim-configuration-auto-login? config) |
353 | (string-append "auto_login yes\ndefault_user " | |
354 | (slim-configuration-default-user config) "\n") | |
355 | "") | |
356 | (if theme-name | |
357 | (string-append "current_theme " theme-name "\n") | |
358 | "")))) | |
359 | ||
360 | (define theme | |
361 | (slim-configuration-theme config)) | |
362 | ||
d4053c71 | 363 | (list (shepherd-service |
0adfe95a LC |
364 | (documentation "Xorg display server") |
365 | (provision '(xorg-server)) | |
366 | (requirement '(user-processes host-name udev)) | |
367 | (start | |
368 | #~(lambda () | |
369 | ;; A stale lock file can prevent SLiM from starting, so remove it to | |
370 | ;; be on the safe side. | |
371 | (false-if-exception (delete-file "/var/run/slim.lock")) | |
372 | ||
373 | (fork+exec-command | |
374 | (list (string-append #$slim "/bin/slim") "-nodaemon") | |
375 | #:environment-variables | |
376 | (list (string-append "SLIM_CFGFILE=" #$slim.cfg) | |
377 | #$@(if theme | |
378 | (list #~(string-append "SLIM_THEMESDIR=" #$theme)) | |
379 | #~()))))) | |
380 | (stop #~(make-kill-destructor)) | |
381 | (respawn? #t)))) | |
382 | ||
383 | (define slim-service-type | |
384 | (service-type (name 'slim) | |
385 | (extensions | |
d4053c71 AK |
386 | (list (service-extension shepherd-root-service-type |
387 | slim-shepherd-service) | |
0adfe95a | 388 | (service-extension pam-root-service-type |
e9b82124 LC |
389 | slim-pam-service) |
390 | ||
391 | ;; Unconditionally add xterm to the system profile, to | |
392 | ;; avoid bad surprises. | |
393 | (service-extension profile-service-type | |
394 | (const (list xterm))))))) | |
0adfe95a | 395 | |
db4fdc04 LC |
396 | (define* (slim-service #:key (slim slim) |
397 | (allow-empty-passwords? #t) auto-login? | |
398 | (default-user "") | |
0ecc3bf3 LC |
399 | (theme %default-slim-theme) |
400 | (theme-name %default-slim-theme-name) | |
26b94866 | 401 | (xauth xauth) (shepherd shepherd) (bash bash) |
9e41130b LC |
402 | (auto-login-session (file-append windowmaker |
403 | "/bin/wmaker")) | |
be1c2c54 | 404 | (startx (xorg-start-command))) |
db4fdc04 | 405 | "Return a service that spawns the SLiM graphical login manager, which in |
51da7ca0 LC |
406 | turn starts the X display server with @var{startx}, a command as returned by |
407 | @code{xorg-start-command}. | |
db4fdc04 | 408 | |
04e4e6ab LC |
409 | @cindex X session |
410 | ||
411 | SLiM automatically looks for session types described by the @file{.desktop} | |
412 | files in @file{/run/current-system/profile/share/xsessions} and allows users | |
413 | to choose a session from the log-in screen using @kbd{F1}. Packages such as | |
414 | @var{xfce}, @var{sawfish}, and @var{ratpoison} provide @file{.desktop} files; | |
415 | adding them to the system-wide set of packages automatically makes them | |
416 | available at the log-in screen. | |
417 | ||
418 | In addition, @file{~/.xsession} files are honored. When available, | |
419 | @file{~/.xsession} must be an executable that starts a window manager | |
420 | and/or other X clients. | |
421 | ||
51da7ca0 LC |
422 | When @var{allow-empty-passwords?} is true, allow logins with an empty |
423 | password. When @var{auto-login?} is true, log in automatically as | |
24d56899 | 424 | @var{default-user} with @var{auto-login-session}. |
0ecc3bf3 LC |
425 | |
426 | If @var{theme} is @code{#f}, the use the default log-in theme; otherwise | |
427 | @var{theme} must be a gexp denoting the name of a directory containing the | |
428 | theme to use. In that case, @var{theme-name} specifies the name of the | |
4bd43bbe | 429 | theme." |
0adfe95a LC |
430 | (service slim-service-type |
431 | (slim-configuration | |
432 | (slim slim) | |
433 | (allow-empty-passwords? allow-empty-passwords?) | |
434 | (auto-login? auto-login?) (default-user default-user) | |
435 | (theme theme) (theme-name theme-name) | |
26b94866 | 436 | (xauth xauth) (shepherd shepherd) (bash bash) |
0adfe95a LC |
437 | (auto-login-session auto-login-session) |
438 | (startx startx)))) | |
db4fdc04 | 439 | |
6726282b LC |
440 | \f |
441 | ;;; | |
442 | ;;; Screen lockers & co. | |
443 | ;;; | |
444 | ||
445 | (define-record-type <screen-locker> | |
446 | (screen-locker name program empty?) | |
447 | screen-locker? | |
448 | (name screen-locker-name) ;string | |
449 | (program screen-locker-program) ;gexp | |
450 | (empty? screen-locker-allows-empty-passwords?)) ;Boolean | |
451 | ||
452 | (define screen-locker-pam-services | |
453 | (match-lambda | |
454 | (($ <screen-locker> name _ empty?) | |
455 | (list (unix-pam-service name | |
456 | #:allow-empty-passwords? empty?))))) | |
457 | ||
458 | (define screen-locker-setuid-programs | |
459 | (compose list screen-locker-program)) | |
460 | ||
461 | (define screen-locker-service-type | |
462 | (service-type (name 'screen-locker) | |
463 | (extensions | |
464 | (list (service-extension pam-root-service-type | |
465 | screen-locker-pam-services) | |
466 | (service-extension setuid-program-service-type | |
467 | screen-locker-setuid-programs))))) | |
468 | ||
469 | (define* (screen-locker-service package | |
470 | #:optional | |
471 | (program (package-name package)) | |
472 | #:key allow-empty-passwords?) | |
473 | "Add @var{package}, a package for a screen-locker or screen-saver whose | |
474 | command is @var{program}, to the set of setuid programs and add a PAM entry | |
475 | for it. For example: | |
476 | ||
477 | @lisp | |
9e41130b | 478 | (screen-locker-service xlockmore \"xlock\") |
6726282b LC |
479 | @end lisp |
480 | ||
481 | makes the good ol' XlockMore usable." | |
482 | (service screen-locker-service-type | |
483 | (screen-locker program | |
9e41130b | 484 | (file-append package "/bin/" program) |
6726282b LC |
485 | allow-empty-passwords?))) |
486 | ||
6e99c01b AW |
487 | (define %gdm-accounts |
488 | (list (user-group (name "gdm") (system? #t)) | |
489 | (user-account | |
490 | (name "gdm") | |
491 | (group "gdm") | |
492 | (system? #t) | |
493 | (comment "GNOME Display Manager user") | |
494 | (home-directory "/var/lib/gdm") | |
495 | (shell (file-append shadow "/sbin/nologin"))))) | |
496 | ||
497 | (define-record-type* <gdm-configuration> | |
498 | gdm-configuration make-gdm-configuration | |
499 | gdm-configuration? | |
500 | (gdm gdm-configuration-gdm (default gdm)) | |
501 | (allow-empty-passwords? gdm-configuration-allow-empty-passwords? (default #t)) | |
502 | (allow-root? gdm-configuration-allow-root? (default #t)) | |
503 | (auto-login? gdm-configuration-auto-login? (default #f)) | |
504 | (default-user gdm-configuration-default-user (default #f)) | |
505 | (x-server gdm-configuration-x-server)) | |
506 | ||
507 | (define (gdm-etc-service config) | |
508 | (define gdm-configuration-file | |
509 | (mixed-text-file "gdm-custom.conf" | |
510 | "[daemon]\n" | |
511 | "#User=gdm\n" | |
512 | "#Group=gdm\n" | |
513 | (if (gdm-configuration-auto-login? config) | |
514 | (string-append | |
515 | "AutomaticLoginEnable=true\n" | |
516 | "AutomaticLogin=" | |
517 | (or (gdm-configuration-default-user config) | |
518 | (error "missing default user for auto-login")) | |
519 | "\n") | |
520 | (string-append | |
521 | "AutomaticLoginEnable=false\n" | |
522 | "#AutomaticLogin=\n")) | |
523 | "#TimedLoginEnable=false\n" | |
524 | "#TimedLogin=\n" | |
525 | "#TimedLoginDelay=0\n" | |
526 | "#InitialSetupEnable=true\n" | |
527 | ;; Enable me once X is working. | |
528 | "WaylandEnable=false\n" | |
529 | "\n" | |
530 | "[debug]\n" | |
531 | "Enable=true\n" | |
532 | "\n" | |
533 | "[security]\n" | |
534 | "#DisallowTCP=true\n" | |
535 | "#AllowRemoteAutoLogin=false\n")) | |
536 | `(("gdm" ,(file-union | |
537 | "gdm" | |
538 | `(("custom.conf" ,gdm-configuration-file)))))) | |
539 | ||
540 | (define (gdm-pam-service config) | |
541 | "Return a PAM service for @command{gdm}." | |
542 | (list | |
543 | (pam-service | |
544 | (inherit (unix-pam-service "gdm-autologin")) | |
545 | (auth (list (pam-entry | |
546 | (control "[success=ok default=1]") | |
547 | (module (file-append (gdm-configuration-gdm config) | |
548 | "/lib/security/pam_gdm.so"))) | |
549 | (pam-entry | |
550 | (control "sufficient") | |
551 | (module "pam_permit.so"))))) | |
552 | (pam-service | |
553 | (inherit (unix-pam-service "gdm-launch-environment")) | |
554 | (auth (list (pam-entry | |
555 | (control "required") | |
556 | (module "pam_permit.so"))))) | |
557 | (unix-pam-service | |
558 | "gdm-password" | |
559 | #:allow-empty-passwords? (gdm-configuration-allow-empty-passwords? config) | |
560 | #:allow-root? (gdm-configuration-allow-root? config)))) | |
561 | ||
562 | (define (gdm-shepherd-service config) | |
563 | (list (shepherd-service | |
564 | (documentation "Xorg display server (GDM)") | |
565 | (provision '(xorg-server)) | |
566 | (requirement '(dbus-system user-processes host-name udev)) | |
567 | ;; While this service isn't working properly, turn off auto-start. | |
568 | (auto-start? #f) | |
569 | (start #~(lambda () | |
570 | (fork+exec-command | |
571 | (list #$(file-append (gdm-configuration-gdm config) | |
572 | "/bin/gdm")) | |
573 | #:environment-variables | |
574 | (list (string-append | |
575 | "GDM_X_SERVER=" | |
3eda8dd6 TS |
576 | #$(gdm-configuration-x-server config)) |
577 | ;; XXX: GDM requires access to a handful of | |
578 | ;; programs and components from Gnome (gnome-shell, | |
579 | ;; dbus, and gnome-session among others). The | |
580 | ;; following variables only work provided Gnome is | |
581 | ;; installed. | |
582 | "XDG_DATA_DIRS=/run/current-system/profile/share" | |
583 | "PATH=/run/current-system/profile/bin")))) | |
6e99c01b AW |
584 | (stop #~(make-kill-destructor)) |
585 | (respawn? #t)))) | |
586 | ||
587 | (define gdm-service-type | |
588 | (service-type (name 'gdm) | |
589 | (extensions | |
590 | (list (service-extension shepherd-root-service-type | |
591 | gdm-shepherd-service) | |
592 | (service-extension account-service-type | |
593 | (const %gdm-accounts)) | |
594 | (service-extension pam-root-service-type | |
595 | gdm-pam-service) | |
596 | (service-extension etc-service-type | |
597 | gdm-etc-service) | |
598 | (service-extension dbus-root-service-type | |
599 | (compose list gdm-configuration-gdm)))))) | |
600 | ||
601 | ;; This service isn't working yet; it gets as far as starting to run the | |
602 | ;; greeter from gnome-shell but doesn't get any further. It is here because | |
603 | ;; it doesn't hurt anyone and perhaps it inspires someone to fix it :) | |
604 | (define* (gdm-service #:key (gdm gdm) | |
605 | (allow-empty-passwords? #t) | |
606 | (x-server (xorg-wrapper))) | |
607 | "Return a service that spawns the GDM graphical login manager, which in turn | |
608 | starts the X display server with @var{X}, a command as returned by | |
609 | @code{xorg-wrapper}. | |
610 | ||
611 | @cindex X session | |
612 | ||
613 | GDM automatically looks for session types described by the @file{.desktop} | |
614 | files in @file{/run/current-system/profile/share/xsessions} and allows users | |
615 | to choose a session from the log-in screen using @kbd{F1}. Packages such as | |
616 | @var{xfce}, @var{sawfish}, and @var{ratpoison} provide @file{.desktop} files; | |
617 | adding them to the system-wide set of packages automatically makes them | |
618 | available at the log-in screen. | |
619 | ||
620 | In addition, @file{~/.xsession} files are honored. When available, | |
621 | @file{~/.xsession} must be an executable that starts a window manager | |
622 | and/or other X clients. | |
623 | ||
624 | When @var{allow-empty-passwords?} is true, allow logins with an empty | |
625 | password." | |
626 | (service gdm-service-type | |
627 | (gdm-configuration | |
628 | (gdm gdm) | |
629 | (allow-empty-passwords? allow-empty-passwords?) | |
630 | (x-server x-server)))) | |
631 | ||
db4fdc04 | 632 | ;;; xorg.scm ends here |