Commit | Line | Data |
---|---|---|
db4fdc04 | 1 | ;;; GNU Guix --- Functional package management for GNU |
92753a8b | 2 | ;;; Copyright © 2017 Andy Wingo <wingo@igalia.com> |
d344f5a5 | 3 | ;;; Copyright © 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org> |
4bd43bbe | 4 | ;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com> |
db4fdc04 LC |
5 | ;;; |
6 | ;;; This file is part of GNU Guix. | |
7 | ;;; | |
8 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
9 | ;;; under the terms of the GNU General Public License as published by | |
10 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
11 | ;;; your option) any later version. | |
12 | ;;; | |
13 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
14 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | ;;; GNU General Public License for more details. | |
17 | ;;; | |
18 | ;;; You should have received a copy of the GNU General Public License | |
19 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
20 | ||
21 | (define-module (gnu services xorg) | |
84dfb458 | 22 | #:use-module (gnu artwork) |
db4fdc04 | 23 | #:use-module (gnu services) |
0190c1c0 | 24 | #:use-module (gnu services shepherd) |
6e828634 | 25 | #:use-module (gnu system pam) |
6e99c01b | 26 | #:use-module (gnu services dbus) |
bdb36958 LC |
27 | #:use-module ((gnu packages base) #:select (canonical-package)) |
28 | #:use-module (gnu packages guile) | |
db4fdc04 LC |
29 | #:use-module (gnu packages xorg) |
30 | #:use-module (gnu packages gl) | |
5fd66a37 | 31 | #:use-module (gnu packages display-managers) |
9e4eddb4 | 32 | #:use-module (gnu packages gnustep) |
6e99c01b | 33 | #:use-module (gnu packages gnome) |
db4fdc04 LC |
34 | #:use-module (gnu packages admin) |
35 | #:use-module (gnu packages bash) | |
6e99c01b | 36 | #:use-module (gnu system shadow) |
b5f4e686 | 37 | #:use-module (guix gexp) |
e87f0591 | 38 | #:use-module (guix store) |
6726282b | 39 | #:use-module (guix packages) |
db4fdc04 | 40 | #:use-module (guix derivations) |
ffc3a02b | 41 | #:use-module (guix records) |
d2e59637 | 42 | #:use-module (srfi srfi-1) |
6726282b | 43 | #:use-module (srfi srfi-9) |
d2e59637 LC |
44 | #:use-module (srfi srfi-26) |
45 | #:use-module (ice-9 match) | |
d1cdd7ba | 46 | #:export (xorg-configuration-file |
79fd74fa | 47 | %default-xorg-modules |
d344f5a5 | 48 | %default-xorg-fonts |
92753a8b | 49 | xorg-wrapper |
d1cdd7ba | 50 | xorg-start-command |
f2901d82 DC |
51 | xinitrc |
52 | ||
0ecc3bf3 LC |
53 | %default-slim-theme |
54 | %default-slim-theme-name | |
4b7513e0 DT |
55 | slim-configuration |
56 | slim-service-type | |
6726282b LC |
57 | slim-service |
58 | ||
24e96431 TČ |
59 | screen-locker |
60 | screen-locker? | |
6726282b | 61 | screen-locker-service-type |
6e99c01b AW |
62 | screen-locker-service |
63 | ||
64 | gdm-configuration | |
65 | gdm-service-type | |
66 | gdm-service)) | |
db4fdc04 LC |
67 | |
68 | ;;; Commentary: | |
69 | ;;; | |
70 | ;;; Services that relate to the X Window System. | |
71 | ;;; | |
72 | ;;; Code: | |
73 | ||
d344f5a5 LC |
74 | (define %default-xorg-modules |
75 | ;; Default list of modules loaded by the server. Note that the order | |
76 | ;; matters since it determines which driver is going to be used when there's | |
77 | ;; a choice. | |
78 | (list xf86-video-vesa | |
79 | xf86-video-fbdev | |
80 | xf86-video-ati | |
81 | xf86-video-cirrus | |
82 | xf86-video-intel | |
83 | xf86-video-mach64 | |
84 | xf86-video-nouveau | |
85 | xf86-video-nv | |
86 | xf86-video-sis | |
87 | ||
88 | ;; Libinput is the new thing and is recommended over evdev/synaptics: | |
89 | ;; <http://who-t.blogspot.fr/2015/01/xf86-input-libinput-compatibility-with.html>. | |
90 | xf86-input-libinput | |
91 | ||
92 | xf86-input-evdev | |
93 | xf86-input-keyboard | |
94 | xf86-input-mouse | |
95 | xf86-input-synaptics)) | |
96 | ||
97 | (define %default-xorg-fonts | |
98 | ;; Default list of fonts available to the X server. | |
99 | (list (file-append font-alias "/share/fonts/X11/75dpi") | |
100 | (file-append font-alias "/share/fonts/X11/100dpi") | |
101 | (file-append font-alias "/share/fonts/X11/misc") | |
102 | (file-append font-alias "/share/fonts/X11/cyrillic") | |
103 | (file-append font-adobe75dpi "/share/fonts/X11/75dpi"))) | |
104 | ||
105 | (define* (xorg-configuration-file #:key | |
106 | (modules %default-xorg-modules) | |
107 | (fonts %default-xorg-fonts) | |
108 | (drivers '()) (resolutions '()) | |
12422c9d | 109 | (extra-config '())) |
d1cdd7ba LC |
110 | "Return a configuration file for the Xorg server containing search paths for |
111 | all the common drivers. | |
f703413e | 112 | |
d344f5a5 LC |
113 | @var{modules} must be a list of @dfn{module packages} loaded by the Xorg |
114 | server---e.g., @code{xf86-video-vesa}, @code{xf86-input-keyboard}, and so on. | |
115 | @var{fonts} must be a list of font directories to add to the server's | |
116 | @dfn{font path}. | |
117 | ||
f703413e LC |
118 | @var{drivers} must be either the empty list, in which case Xorg chooses a |
119 | graphics driver automatically, or a list of driver names that will be tried in | |
d2e59637 LC |
120 | this order---e.g., @code{(\"modesetting\" \"vesa\")}. |
121 | ||
122 | Likewise, when @var{resolutions} is the empty list, Xorg chooses an | |
123 | appropriate screen resolution; otherwise, it must be a list of | |
12422c9d LC |
124 | resolutions---e.g., @code{((1024 768) (640 480))}. |
125 | ||
126 | Last, @var{extra-config} is a list of strings or objects appended to the | |
d344f5a5 | 127 | configuration file. It is used to pass extra text to be |
be1c2c54 | 128 | added verbatim to the configuration file." |
d344f5a5 LC |
129 | (define all-modules |
130 | ;; 'xorg-server' provides 'fbdevhw.so' etc. | |
131 | (append modules (list xorg-server))) | |
132 | ||
133 | (define build | |
134 | #~(begin | |
135 | (use-modules (ice-9 match) | |
136 | (srfi srfi-1) | |
137 | (srfi srfi-26)) | |
138 | ||
139 | (call-with-output-file #$output | |
140 | (lambda (port) | |
141 | (define drivers | |
142 | '#$drivers) | |
143 | ||
144 | (define (device-section driver) | |
145 | (string-append " | |
f703413e LC |
146 | Section \"Device\" |
147 | Identifier \"device-" driver "\" | |
148 | Driver \"" driver "\" | |
149 | EndSection")) | |
db4fdc04 | 150 | |
d344f5a5 LC |
151 | (define (screen-section driver resolutions) |
152 | (string-append " | |
d2e59637 LC |
153 | Section \"Screen\" |
154 | Identifier \"screen-" driver "\" | |
155 | Device \"device-" driver "\" | |
156 | SubSection \"Display\" | |
157 | Modes " | |
158 | (string-join (map (match-lambda | |
d1cdd7ba LC |
159 | ((x y) |
160 | (string-append "\"" (number->string x) | |
161 | "x" (number->string y) "\""))) | |
d2e59637 LC |
162 | resolutions)) " |
163 | EndSubSection | |
164 | EndSection")) | |
165 | ||
d344f5a5 LC |
166 | (define (expand modules) |
167 | ;; Append to MODULES the relevant /lib/xorg/modules | |
168 | ;; sub-directories. | |
169 | (append-map (lambda (module) | |
170 | (filter-map (lambda (directory) | |
171 | (let ((full (string-append module | |
172 | directory))) | |
173 | (and (file-exists? full) | |
174 | full))) | |
175 | '("/lib/xorg/modules/drivers" | |
176 | "/lib/xorg/modules/input" | |
177 | "/lib/xorg/modules/multimedia" | |
178 | "/lib/xorg/modules/extensions"))) | |
179 | modules)) | |
db4fdc04 | 180 | |
d344f5a5 LC |
181 | (display "Section \"Files\"\n" port) |
182 | (for-each (lambda (font) | |
183 | (format port " FontPath \"~a\"~%" font)) | |
184 | '#$fonts) | |
185 | (for-each (lambda (module) | |
186 | (format port | |
187 | " ModulePath \"~a\"~%" | |
188 | module)) | |
189 | (append (expand '#$all-modules) | |
190 | ||
191 | ;; For fbdevhw.so and so on. | |
192 | (list #$(file-append xorg-server | |
193 | "/lib/xorg/modules")))) | |
194 | (display "EndSection\n" port) | |
195 | (display " | |
db4fdc04 | 196 | Section \"ServerFlags\" |
e30442b5 | 197 | Option \"AllowMouseOpenFail\" \"on\" |
d344f5a5 | 198 | EndSection\n" port) |
12422c9d | 199 | |
d344f5a5 LC |
200 | (display (string-join (map device-section drivers) "\n") |
201 | port) | |
202 | (newline port) | |
203 | (display (string-join | |
204 | (map (cut screen-section <> '#$resolutions) | |
205 | drivers) | |
206 | "\n") | |
207 | port) | |
208 | (newline port) | |
209 | ||
210 | (for-each (lambda (config) | |
211 | (display config port)) | |
212 | '#$extra-config))))) | |
213 | ||
214 | (computed-file "xserver.conf" build)) | |
db4fdc04 | 215 | |
79fd74fa AW |
216 | |
217 | (define (xorg-configuration-directory modules) | |
218 | "Return a directory that contains the @code{.conf} files for X.org that | |
219 | includes the @code{share/X11/xorg.conf.d} directories of each package listed | |
220 | in @var{modules}." | |
4ee96a79 LC |
221 | (with-imported-modules '((guix build utils)) |
222 | (computed-file "xorg.conf.d" | |
223 | #~(begin | |
224 | (use-modules (guix build utils) | |
225 | (srfi srfi-1)) | |
226 | ||
227 | (define files | |
228 | (append-map (lambda (module) | |
229 | (find-files (string-append | |
230 | module | |
231 | "/share/X11/xorg.conf.d") | |
232 | "\\.conf$")) | |
233 | (list #$@modules))) | |
234 | ||
235 | (mkdir #$output) | |
236 | (for-each (lambda (file) | |
237 | (symlink file | |
238 | (string-append #$output "/" | |
239 | (basename file)))) | |
240 | files) | |
241 | #t)))) | |
79fd74fa | 242 | |
92753a8b AW |
243 | (define* (xorg-wrapper #:key |
244 | (guile (canonical-package guile-2.0)) | |
92753a8b | 245 | (modules %default-xorg-modules) |
d344f5a5 LC |
246 | (configuration-file (xorg-configuration-file |
247 | #:modules modules)) | |
92753a8b | 248 | (xorg-server xorg-server)) |
d1cdd7ba LC |
249 | "Return a derivation that builds a @var{guile} script to start the X server |
250 | from @var{xorg-server}. @var{configuration-file} is the server configuration | |
251 | file or a derivation that builds it; when omitted, the result of | |
92753a8b AW |
252 | @code{xorg-configuration-file} is used. The resulting script should be used |
253 | in place of @code{/usr/bin/X}." | |
be1c2c54 LC |
254 | (define exp |
255 | ;; Write a small wrapper around the X server. | |
256 | #~(begin | |
257 | (setenv "XORG_DRI_DRIVER_PATH" (string-append #$mesa "/lib/dri")) | |
258 | (setenv "XKB_BINDIR" (string-append #$xkbcomp "/bin")) | |
259 | ||
92753a8b AW |
260 | (let ((X (string-append #$xorg-server "/bin/X"))) |
261 | (apply execl X X | |
262 | "-xkbdir" (string-append #$xkeyboard-config "/share/X11/xkb") | |
263 | "-config" #$configuration-file | |
264 | "-configdir" #$(xorg-configuration-directory modules) | |
265 | (cdr (command-line)))))) | |
266 | ||
267 | (program-file "X-wrapper" exp)) | |
be1c2c54 | 268 | |
92753a8b AW |
269 | (define* (xorg-start-command #:key |
270 | (guile (canonical-package guile-2.0)) | |
92753a8b | 271 | (modules %default-xorg-modules) |
d344f5a5 LC |
272 | (fonts %default-xorg-fonts) |
273 | (configuration-file | |
274 | (xorg-configuration-file #:modules modules | |
275 | #:fonts fonts)) | |
92753a8b | 276 | (xorg-server xorg-server)) |
d344f5a5 LC |
277 | "Return a @code{startx} script in which @var{modules}, a list of X module |
278 | packages, and @var{fonts}, a list of X font directories, are available. See | |
279 | @code{xorg-wrapper} for more details on the arguments. The result should be | |
280 | used in place of @code{startx}." | |
92753a8b AW |
281 | (define X |
282 | (xorg-wrapper #:guile guile | |
283 | #:configuration-file configuration-file | |
284 | #:modules modules | |
285 | #:xorg-server xorg-server)) | |
286 | (define exp | |
287 | ;; Write a small wrapper around the X server. | |
288 | #~(apply execl #$X #$X ;; Second #$X is for argv[0]. | |
289 | "-logverbose" "-verbose" "-nolisten" "tcp" "-terminate" | |
290 | (cdr (command-line)))) | |
be1c2c54 | 291 | |
92753a8b | 292 | (program-file "startx" exp)) |
db4fdc04 | 293 | |
9e4eddb4 | 294 | (define* (xinitrc #:key |
bdb36958 | 295 | (guile (canonical-package guile-2.0)) |
24d56899 SB |
296 | fallback-session) |
297 | "Return a system-wide xinitrc script that starts the specified X session, | |
298 | which should be passed to this script as the first argument. If not, the | |
299 | @var{fallback-session} will be used." | |
8779d342 LC |
300 | (define builder |
301 | #~(begin | |
302 | (use-modules (ice-9 match)) | |
303 | ||
16c33bfb LC |
304 | (define (close-all-fdes) |
305 | ;; Close all the open file descriptors except 0 to 2. | |
306 | (let loop ((fd 3)) | |
307 | (when (< fd 4096) ;FIXME: use sysconf + _SC_OPEN_MAX | |
308 | (false-if-exception (close-fdes fd)) | |
309 | (loop (+ 1 fd))))) | |
310 | ||
b2bd7c25 LC |
311 | (define (exec-from-login-shell command . args) |
312 | ;; Run COMMAND from a login shell so that it gets to see the same | |
313 | ;; environment variables that one gets when logging in on a tty, for | |
314 | ;; instance. | |
315 | (let* ((pw (getpw (getuid))) | |
e0b85670 SB |
316 | (shell (passwd:shell pw))) |
317 | ;; Close any open file descriptors. This is all the more | |
318 | ;; important that SLiM itself exec's us directly without closing | |
319 | ;; its own file descriptors! | |
320 | (close-all-fdes) | |
321 | ||
322 | ;; The '--login' option is supported at least by Bash and zsh. | |
323 | (execl shell shell "--login" "-c" | |
324 | (string-join (cons command args))))) | |
325 | ||
326 | (let* ((home (getenv "HOME")) | |
327 | (xsession-file (string-append home "/.xsession")) | |
328 | (session (match (command-line) | |
c510cbb4 LC |
329 | ((_) (list #$fallback-session)) |
330 | ((_ x ..1) x)))) | |
e0b85670 SB |
331 | (if (file-exists? xsession-file) |
332 | ;; Run ~/.xsession when it exists. | |
f2ab9250 | 333 | (apply exec-from-login-shell xsession-file session) |
e0b85670 | 334 | ;; Otherwise, start the specified session. |
c510cbb4 LC |
335 | (apply exec-from-login-shell session))))) |
336 | ||
be1c2c54 | 337 | (program-file "xinitrc" builder)) |
9e4eddb4 | 338 | |
0ecc3bf3 LC |
339 | \f |
340 | ;;; | |
341 | ;;; SLiM log-in manager. | |
342 | ;;; | |
343 | ||
0ecc3bf3 LC |
344 | (define %default-slim-theme |
345 | ;; Theme based on work by Felipe López. | |
9e41130b | 346 | (file-append %artwork-repository "/slim")) |
0ecc3bf3 LC |
347 | |
348 | (define %default-slim-theme-name | |
349 | ;; This must be the name of the sub-directory in %DEFAULT-SLIM-THEME that | |
350 | ;; contains the actual theme files. | |
cf2abac8 | 351 | "0.x") |
0ecc3bf3 | 352 | |
0adfe95a LC |
353 | (define-record-type* <slim-configuration> |
354 | slim-configuration make-slim-configuration | |
355 | slim-configuration? | |
356 | (slim slim-configuration-slim | |
357 | (default slim)) | |
358 | (allow-empty-passwords? slim-configuration-allow-empty-passwords?) | |
359 | (auto-login? slim-configuration-auto-login?) | |
360 | (default-user slim-configuration-default-user) | |
361 | (theme slim-configuration-theme) | |
362 | (theme-name slim-configuration-theme-name) | |
363 | (xauth slim-configuration-xauth | |
364 | (default xauth)) | |
26b94866 AK |
365 | (shepherd slim-configuration-shepherd |
366 | (default shepherd)) | |
0adfe95a LC |
367 | (auto-login-session slim-configuration-auto-login-session) |
368 | (startx slim-configuration-startx)) | |
369 | ||
370 | (define (slim-pam-service config) | |
371 | "Return a PAM service for @command{slim}." | |
372 | (list (unix-pam-service | |
373 | "slim" | |
374 | #:allow-empty-passwords? | |
375 | (slim-configuration-allow-empty-passwords? config)))) | |
376 | ||
d4053c71 | 377 | (define (slim-shepherd-service config) |
0adfe95a LC |
378 | (define slim.cfg |
379 | (let ((xinitrc (xinitrc #:fallback-session | |
380 | (slim-configuration-auto-login-session config))) | |
381 | (slim (slim-configuration-slim config)) | |
382 | (xauth (slim-configuration-xauth config)) | |
383 | (startx (slim-configuration-startx config)) | |
26b94866 | 384 | (shepherd (slim-configuration-shepherd config)) |
0adfe95a LC |
385 | (theme-name (slim-configuration-theme-name config))) |
386 | (mixed-text-file "slim.cfg" " | |
387 | default_path /run/current-system/profile/bin | |
388 | default_xserver " startx " | |
389 | xserver_arguments :0 vt7 | |
390 | xauth_path " xauth "/bin/xauth | |
391 | authfile /var/run/slim.auth | |
392 | ||
393 | # The login command. '%session' is replaced by the chosen session name, one | |
394 | # of the names specified in the 'sessions' setting: 'wmaker', 'xfce', etc. | |
395 | login_cmd exec " xinitrc " %session | |
396 | sessiondir /run/current-system/profile/share/xsessions | |
397 | session_msg session (F1 to change): | |
398 | ||
26b94866 AK |
399 | halt_cmd " shepherd "/sbin/halt |
400 | reboot_cmd " shepherd "/sbin/reboot\n" | |
0adfe95a LC |
401 | (if (slim-configuration-auto-login? config) |
402 | (string-append "auto_login yes\ndefault_user " | |
403 | (slim-configuration-default-user config) "\n") | |
404 | "") | |
405 | (if theme-name | |
406 | (string-append "current_theme " theme-name "\n") | |
407 | "")))) | |
408 | ||
409 | (define theme | |
410 | (slim-configuration-theme config)) | |
411 | ||
d4053c71 | 412 | (list (shepherd-service |
0adfe95a LC |
413 | (documentation "Xorg display server") |
414 | (provision '(xorg-server)) | |
415 | (requirement '(user-processes host-name udev)) | |
416 | (start | |
417 | #~(lambda () | |
418 | ;; A stale lock file can prevent SLiM from starting, so remove it to | |
419 | ;; be on the safe side. | |
420 | (false-if-exception (delete-file "/var/run/slim.lock")) | |
421 | ||
422 | (fork+exec-command | |
423 | (list (string-append #$slim "/bin/slim") "-nodaemon") | |
424 | #:environment-variables | |
425 | (list (string-append "SLIM_CFGFILE=" #$slim.cfg) | |
426 | #$@(if theme | |
427 | (list #~(string-append "SLIM_THEMESDIR=" #$theme)) | |
428 | #~()))))) | |
429 | (stop #~(make-kill-destructor)) | |
430 | (respawn? #t)))) | |
431 | ||
432 | (define slim-service-type | |
433 | (service-type (name 'slim) | |
434 | (extensions | |
d4053c71 AK |
435 | (list (service-extension shepherd-root-service-type |
436 | slim-shepherd-service) | |
0adfe95a | 437 | (service-extension pam-root-service-type |
e9b82124 LC |
438 | slim-pam-service) |
439 | ||
440 | ;; Unconditionally add xterm to the system profile, to | |
441 | ;; avoid bad surprises. | |
442 | (service-extension profile-service-type | |
443 | (const (list xterm))))))) | |
0adfe95a | 444 | |
db4fdc04 LC |
445 | (define* (slim-service #:key (slim slim) |
446 | (allow-empty-passwords? #t) auto-login? | |
447 | (default-user "") | |
0ecc3bf3 LC |
448 | (theme %default-slim-theme) |
449 | (theme-name %default-slim-theme-name) | |
94b9abd9 | 450 | (xauth xauth) (shepherd shepherd) |
9e41130b LC |
451 | (auto-login-session (file-append windowmaker |
452 | "/bin/wmaker")) | |
be1c2c54 | 453 | (startx (xorg-start-command))) |
db4fdc04 | 454 | "Return a service that spawns the SLiM graphical login manager, which in |
51da7ca0 LC |
455 | turn starts the X display server with @var{startx}, a command as returned by |
456 | @code{xorg-start-command}. | |
db4fdc04 | 457 | |
04e4e6ab LC |
458 | @cindex X session |
459 | ||
460 | SLiM automatically looks for session types described by the @file{.desktop} | |
461 | files in @file{/run/current-system/profile/share/xsessions} and allows users | |
462 | to choose a session from the log-in screen using @kbd{F1}. Packages such as | |
463 | @var{xfce}, @var{sawfish}, and @var{ratpoison} provide @file{.desktop} files; | |
464 | adding them to the system-wide set of packages automatically makes them | |
465 | available at the log-in screen. | |
466 | ||
467 | In addition, @file{~/.xsession} files are honored. When available, | |
468 | @file{~/.xsession} must be an executable that starts a window manager | |
469 | and/or other X clients. | |
470 | ||
51da7ca0 LC |
471 | When @var{allow-empty-passwords?} is true, allow logins with an empty |
472 | password. When @var{auto-login?} is true, log in automatically as | |
24d56899 | 473 | @var{default-user} with @var{auto-login-session}. |
0ecc3bf3 LC |
474 | |
475 | If @var{theme} is @code{#f}, the use the default log-in theme; otherwise | |
476 | @var{theme} must be a gexp denoting the name of a directory containing the | |
477 | theme to use. In that case, @var{theme-name} specifies the name of the | |
4bd43bbe | 478 | theme." |
0adfe95a LC |
479 | (service slim-service-type |
480 | (slim-configuration | |
481 | (slim slim) | |
482 | (allow-empty-passwords? allow-empty-passwords?) | |
483 | (auto-login? auto-login?) (default-user default-user) | |
484 | (theme theme) (theme-name theme-name) | |
94b9abd9 | 485 | (xauth xauth) (shepherd shepherd) |
0adfe95a LC |
486 | (auto-login-session auto-login-session) |
487 | (startx startx)))) | |
db4fdc04 | 488 | |
6726282b LC |
489 | \f |
490 | ;;; | |
491 | ;;; Screen lockers & co. | |
492 | ;;; | |
493 | ||
494 | (define-record-type <screen-locker> | |
495 | (screen-locker name program empty?) | |
496 | screen-locker? | |
497 | (name screen-locker-name) ;string | |
498 | (program screen-locker-program) ;gexp | |
499 | (empty? screen-locker-allows-empty-passwords?)) ;Boolean | |
500 | ||
501 | (define screen-locker-pam-services | |
502 | (match-lambda | |
503 | (($ <screen-locker> name _ empty?) | |
504 | (list (unix-pam-service name | |
505 | #:allow-empty-passwords? empty?))))) | |
506 | ||
507 | (define screen-locker-setuid-programs | |
508 | (compose list screen-locker-program)) | |
509 | ||
510 | (define screen-locker-service-type | |
511 | (service-type (name 'screen-locker) | |
512 | (extensions | |
513 | (list (service-extension pam-root-service-type | |
514 | screen-locker-pam-services) | |
515 | (service-extension setuid-program-service-type | |
516 | screen-locker-setuid-programs))))) | |
517 | ||
518 | (define* (screen-locker-service package | |
519 | #:optional | |
520 | (program (package-name package)) | |
521 | #:key allow-empty-passwords?) | |
522 | "Add @var{package}, a package for a screen-locker or screen-saver whose | |
523 | command is @var{program}, to the set of setuid programs and add a PAM entry | |
524 | for it. For example: | |
525 | ||
526 | @lisp | |
9e41130b | 527 | (screen-locker-service xlockmore \"xlock\") |
6726282b LC |
528 | @end lisp |
529 | ||
530 | makes the good ol' XlockMore usable." | |
531 | (service screen-locker-service-type | |
532 | (screen-locker program | |
9e41130b | 533 | (file-append package "/bin/" program) |
6726282b LC |
534 | allow-empty-passwords?))) |
535 | ||
6e99c01b AW |
536 | (define %gdm-accounts |
537 | (list (user-group (name "gdm") (system? #t)) | |
538 | (user-account | |
539 | (name "gdm") | |
540 | (group "gdm") | |
541 | (system? #t) | |
542 | (comment "GNOME Display Manager user") | |
543 | (home-directory "/var/lib/gdm") | |
544 | (shell (file-append shadow "/sbin/nologin"))))) | |
545 | ||
546 | (define-record-type* <gdm-configuration> | |
547 | gdm-configuration make-gdm-configuration | |
548 | gdm-configuration? | |
549 | (gdm gdm-configuration-gdm (default gdm)) | |
550 | (allow-empty-passwords? gdm-configuration-allow-empty-passwords? (default #t)) | |
551 | (allow-root? gdm-configuration-allow-root? (default #t)) | |
552 | (auto-login? gdm-configuration-auto-login? (default #f)) | |
553 | (default-user gdm-configuration-default-user (default #f)) | |
554 | (x-server gdm-configuration-x-server)) | |
555 | ||
556 | (define (gdm-etc-service config) | |
557 | (define gdm-configuration-file | |
558 | (mixed-text-file "gdm-custom.conf" | |
559 | "[daemon]\n" | |
560 | "#User=gdm\n" | |
561 | "#Group=gdm\n" | |
562 | (if (gdm-configuration-auto-login? config) | |
563 | (string-append | |
564 | "AutomaticLoginEnable=true\n" | |
565 | "AutomaticLogin=" | |
566 | (or (gdm-configuration-default-user config) | |
567 | (error "missing default user for auto-login")) | |
568 | "\n") | |
569 | (string-append | |
570 | "AutomaticLoginEnable=false\n" | |
571 | "#AutomaticLogin=\n")) | |
572 | "#TimedLoginEnable=false\n" | |
573 | "#TimedLogin=\n" | |
574 | "#TimedLoginDelay=0\n" | |
575 | "#InitialSetupEnable=true\n" | |
576 | ;; Enable me once X is working. | |
577 | "WaylandEnable=false\n" | |
578 | "\n" | |
579 | "[debug]\n" | |
580 | "Enable=true\n" | |
581 | "\n" | |
582 | "[security]\n" | |
583 | "#DisallowTCP=true\n" | |
584 | "#AllowRemoteAutoLogin=false\n")) | |
585 | `(("gdm" ,(file-union | |
586 | "gdm" | |
587 | `(("custom.conf" ,gdm-configuration-file)))))) | |
588 | ||
589 | (define (gdm-pam-service config) | |
590 | "Return a PAM service for @command{gdm}." | |
591 | (list | |
592 | (pam-service | |
593 | (inherit (unix-pam-service "gdm-autologin")) | |
594 | (auth (list (pam-entry | |
595 | (control "[success=ok default=1]") | |
596 | (module (file-append (gdm-configuration-gdm config) | |
597 | "/lib/security/pam_gdm.so"))) | |
598 | (pam-entry | |
599 | (control "sufficient") | |
600 | (module "pam_permit.so"))))) | |
601 | (pam-service | |
602 | (inherit (unix-pam-service "gdm-launch-environment")) | |
603 | (auth (list (pam-entry | |
604 | (control "required") | |
605 | (module "pam_permit.so"))))) | |
606 | (unix-pam-service | |
607 | "gdm-password" | |
608 | #:allow-empty-passwords? (gdm-configuration-allow-empty-passwords? config) | |
609 | #:allow-root? (gdm-configuration-allow-root? config)))) | |
610 | ||
611 | (define (gdm-shepherd-service config) | |
612 | (list (shepherd-service | |
613 | (documentation "Xorg display server (GDM)") | |
614 | (provision '(xorg-server)) | |
615 | (requirement '(dbus-system user-processes host-name udev)) | |
616 | ;; While this service isn't working properly, turn off auto-start. | |
617 | (auto-start? #f) | |
618 | (start #~(lambda () | |
619 | (fork+exec-command | |
620 | (list #$(file-append (gdm-configuration-gdm config) | |
621 | "/bin/gdm")) | |
622 | #:environment-variables | |
623 | (list (string-append | |
624 | "GDM_X_SERVER=" | |
3eda8dd6 TS |
625 | #$(gdm-configuration-x-server config)) |
626 | ;; XXX: GDM requires access to a handful of | |
627 | ;; programs and components from Gnome (gnome-shell, | |
628 | ;; dbus, and gnome-session among others). The | |
629 | ;; following variables only work provided Gnome is | |
630 | ;; installed. | |
631 | "XDG_DATA_DIRS=/run/current-system/profile/share" | |
632 | "PATH=/run/current-system/profile/bin")))) | |
6e99c01b AW |
633 | (stop #~(make-kill-destructor)) |
634 | (respawn? #t)))) | |
635 | ||
636 | (define gdm-service-type | |
637 | (service-type (name 'gdm) | |
638 | (extensions | |
639 | (list (service-extension shepherd-root-service-type | |
640 | gdm-shepherd-service) | |
641 | (service-extension account-service-type | |
642 | (const %gdm-accounts)) | |
643 | (service-extension pam-root-service-type | |
644 | gdm-pam-service) | |
645 | (service-extension etc-service-type | |
646 | gdm-etc-service) | |
647 | (service-extension dbus-root-service-type | |
648 | (compose list gdm-configuration-gdm)))))) | |
649 | ||
650 | ;; This service isn't working yet; it gets as far as starting to run the | |
651 | ;; greeter from gnome-shell but doesn't get any further. It is here because | |
652 | ;; it doesn't hurt anyone and perhaps it inspires someone to fix it :) | |
653 | (define* (gdm-service #:key (gdm gdm) | |
654 | (allow-empty-passwords? #t) | |
655 | (x-server (xorg-wrapper))) | |
656 | "Return a service that spawns the GDM graphical login manager, which in turn | |
657 | starts the X display server with @var{X}, a command as returned by | |
658 | @code{xorg-wrapper}. | |
659 | ||
660 | @cindex X session | |
661 | ||
662 | GDM automatically looks for session types described by the @file{.desktop} | |
663 | files in @file{/run/current-system/profile/share/xsessions} and allows users | |
664 | to choose a session from the log-in screen using @kbd{F1}. Packages such as | |
665 | @var{xfce}, @var{sawfish}, and @var{ratpoison} provide @file{.desktop} files; | |
666 | adding them to the system-wide set of packages automatically makes them | |
667 | available at the log-in screen. | |
668 | ||
669 | In addition, @file{~/.xsession} files are honored. When available, | |
670 | @file{~/.xsession} must be an executable that starts a window manager | |
671 | and/or other X clients. | |
672 | ||
673 | When @var{allow-empty-passwords?} is true, allow logins with an empty | |
674 | password." | |
675 | (service gdm-service-type | |
676 | (gdm-configuration | |
677 | (gdm gdm) | |
678 | (allow-empty-passwords? allow-empty-passwords?) | |
679 | (x-server x-server)))) | |
680 | ||
db4fdc04 | 681 | ;;; xorg.scm ends here |