| 1 | ;;; GNU Guix --- Functional package management for GNU |
| 2 | ;;; Copyright © 2016 David Craven <david@craven.ch> |
| 3 | ;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org> |
| 4 | ;;; Copyright © 2019 Jesse Gildersleve <jessejohngildersleve@protonmail.com> |
| 5 | ;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net> |
| 6 | ;;; |
| 7 | ;;; This file is part of GNU Guix. |
| 8 | ;;; |
| 9 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
| 10 | ;;; under the terms of the GNU General Public License as published by |
| 11 | ;;; the Free Software Foundation; either version 3 of the License, or (at |
| 12 | ;;; your option) any later version. |
| 13 | ;;; |
| 14 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
| 15 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
| 16 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 17 | ;;; GNU General Public License for more details. |
| 18 | ;;; |
| 19 | ;;; You should have received a copy of the GNU General Public License |
| 20 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
| 21 | |
| 22 | (define-module (gnu services sddm) |
| 23 | #:use-module (gnu packages admin) |
| 24 | #:use-module (gnu packages display-managers) |
| 25 | #:use-module (gnu packages freedesktop) |
| 26 | #:use-module (gnu packages xorg) |
| 27 | #:use-module (gnu services) |
| 28 | #:use-module (gnu services shepherd) |
| 29 | #:use-module (gnu services xorg) |
| 30 | #:use-module (gnu system pam) |
| 31 | #:use-module (gnu system shadow) |
| 32 | #:use-module (guix gexp) |
| 33 | #:use-module (guix records) |
| 34 | #:use-module (guix deprecation) |
| 35 | #:export (sddm-configuration |
| 36 | sddm-configuration? |
| 37 | sddm-service-type |
| 38 | sddm-service)) |
| 39 | |
;; Configuration record for the SDDM display manager.  Most fields are
;; rendered into the matching section of sddm.conf by
;; `sddm-configuration-file'; `sddm' is also used by the Shepherd and profile
;; extensions, and `minimum-uid' by the PAM stacks defined in this file.
(define-record-type* <sddm-configuration>
  sddm-configuration      make-sddm-configuration
  sddm-configuration?
  ;; SDDM package: source of the daemon binary and of the default scripts
  ;; referenced further down.
  (sddm                   sddm-configuration-sddm
                          (default sddm))

  ;; [General]
  ;; Valid values are x11 and wayland.
  ;; Currently has no effect; it is enabled by the wayland greeter PR.
  (display-server         sddm-configuration-display-server
                          (default "x11"))
  ;; Valid values are on, off or none.
  (numlock                sddm-configuration-numlock
                          (default "on"))
  (halt-command           sddm-configuration-halt-command
                          (default (file-append shepherd "/sbin/halt")))
  (reboot-command         sddm-configuration-reboot-command
                          (default (file-append shepherd "/sbin/reboot")))

  ;; [Theme]
  ;; Valid values are elarun, maldives or maya.
  (theme                  sddm-configuration-theme
                          (default "maldives"))
  (themes-directory       sddm-configuration-themes-directory
                          (default "/run/current-system/profile/share/sddm/themes"))
  (faces-directory        sddm-configuration-faces-directory
                          (default "/run/current-system/profile/share/sddm/faces"))

  ;; [Users]
  (default-path           sddm-configuration-default-path
                          (default "/run/current-system/profile/bin"))
  ;; Lower UID bound.  Besides MinimumUid= in sddm.conf, this value is the
  ;; threshold of the pam_succeed_if "uid >= N" checks in `sddm-pam-service'
  ;; and `sddm-autologin-pam-service', so lowering it also admits those
  ;; accounts at the PAM level.
  (minimum-uid            sddm-configuration-minimum-uid
                          (default 1000))
  ;; Upper UID bound.  Only written to MaximumUid= in sddm.conf; no PAM entry
  ;; in this file enforces it.
  (maximum-uid            sddm-configuration-maximum-uid
                          (default 2000))
  (remember-last-user?    sddm-configuration-remember-last-user?
                          (default #t))
  (remember-last-session? sddm-configuration-remember-last-session?
                          (default #t))
  ;; String written verbatim after HideUsers=.
  (hide-users             sddm-configuration-hide-users
                          (default ""))
  ;; Shell whose accounts should be hidden; defaults to shadow's nologin.
  (hide-shells            sddm-configuration-hide-shells
                          (default (file-append shadow "/sbin/nologin")))

  ;; [Wayland]
  (session-command        sddm-configuration-session-command
                          (default (file-append sddm "/share/sddm/scripts/wayland-session")))
  (sessions-directory     sddm-configuration-sessions-directory
                          (default "/run/current-system/profile/share/wayland-sessions"))
  ;; [X11]
  ;; Note that the accessor is named `sddm-configuration-xorg', not
  ;; `sddm-configuration-xorg-configuration'.
  (xorg-configuration     sddm-configuration-xorg
                          (default (xorg-configuration)))
  (xauth-path             sddm-configuration-xauth-path
                          (default (file-append xauth "/bin/xauth")))
  (xephyr-path            sddm-configuration-xephyr-path
                          (default (file-append xorg-server "/bin/Xephyr")))
  (xdisplay-start         sddm-configuration-xdisplay-start
                          (default (file-append sddm "/share/sddm/scripts/Xsetup")))
  (xdisplay-stop          sddm-configuration-xdisplay-stop
                          (default (file-append sddm "/share/sddm/scripts/Xstop")))
  (xsession-command       sddm-configuration-xsession-command
                          (default (xinitrc)))
  (xsessions-directory    sddm-configuration-xsessions-directory
                          (default "/run/current-system/profile/share/xsessions"))
  (minimum-vt             sddm-configuration-minimum-vt
                          (default 7))

  ;; [Autologin]
  ;; Empty by default.  A non-empty value is written to User= in [Autologin].
  ;; The "sddm-autologin" PAM service in this file ends its auth stack with
  ;; pam_permit.so, so that account is given a session without any password
  ;; check; the only gates are pam_nologin.so and the `minimum-uid' test.
  (auto-login-user        sddm-configuration-auto-login-user
                          (default ""))
  ;; Valid values are xfce.desktop gnome.desktop weston.desktop hawaii.desktop.
  (auto-login-session     sddm-configuration-auto-login-session
                          (default ""))
  ;; Rendered as Relogin=true/false.
  (relogin?               sddm-configuration-relogin?
                          (default #f)))
| 115 | |
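;; Every string-valued field is spliced into the file verbatim: nothing here
;; quotes, escapes or validates it.  The values come from the system
;; declaration, so a value containing a newline would simply add further
;; lines (keys or section headers) to sddm.conf.
;;
;; The [Users] key for `hide-shells' is spelled "HideShells", the name SDDM
;; documents.  It was previously emitted as "Hideshells"; SDDM matches key
;; names exactly, so the setting was presumably ignored and accounts whose
;; shell is nologin were not filtered by it.
(define (sddm-configuration-file config)
  "Return a file-like object named @file{sddm.conf} holding the SDDM
configuration described by CONFIG, an @code{<sddm-configuration>} record."
  (mixed-text-file "sddm.conf" "
[General]
DisplayServer="        (sddm-configuration-display-server config) "
Numlock="              (sddm-configuration-numlock config) "
HaltCommand="          (sddm-configuration-halt-command config) "
RebootCommand="        (sddm-configuration-reboot-command config) "

[Users]
DefaultPath="          (sddm-configuration-default-path config) "
MinimumUid="           (number->string (sddm-configuration-minimum-uid config))"
MaximumUid="           (number->string (sddm-configuration-maximum-uid config))"
RememberLastUser="     (if (sddm-configuration-remember-last-user? config)
                           "true" "false") "
RememberLastSession="  (if (sddm-configuration-remember-last-session? config)
                           "true" "false") "
HideUsers="            (sddm-configuration-hide-users config) "
HideShells="           (sddm-configuration-hide-shells config) "

[Theme]
Current="              (sddm-configuration-theme config) "
ThemeDir="             (sddm-configuration-themes-directory config) "
FacesDir="             (sddm-configuration-faces-directory config) "

[Wayland]
SessionCommand="       (sddm-configuration-session-command config) "
SessionDir="           (sddm-configuration-sessions-directory config) "

[X11]
ServerPath="           (xorg-start-command (sddm-configuration-xorg config)) "
XauthPath="            (sddm-configuration-xauth-path config) "
XephyrPath="           (sddm-configuration-xephyr-path config) "
DisplayCommand="       (sddm-configuration-xdisplay-start config) "
DisplayStopCommand="   (sddm-configuration-xdisplay-stop config) "
SessionCommand="       (sddm-configuration-xsession-command config) "
SessionDir="           (sddm-configuration-xsessions-directory config) "
MinimumVT="            (number->string (sddm-configuration-minimum-vt config)) "
ServerArguments="      (string-join
                        (xorg-configuration-server-arguments
                         (sddm-configuration-xorg config))) "

[Autologin]
User="                 (sddm-configuration-auto-login-user config) "
Session="              (sddm-configuration-auto-login-session config) "
Relogin="              (if (sddm-configuration-relogin? config)
                           "true" "false") "
"))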
| 163 | |
(define (sddm-shepherd-service config)
  "Return a one-element list holding the <shepherd-service> that runs the
sddm daemon from CONFIG's @code{sddm} package."
  ;; Argument vector for the daemon: just the binary, with no options.  The
  ;; constructor below is given no #:user or #:group, so the process keeps
  ;; whatever identity shepherd itself runs under -- presumably root on a
  ;; Guix System; confirm.
  (let ((daemon-argv
         #~(list (string-append #$(sddm-configuration-sddm config)
                                "/bin/sddm"))))
    (list (shepherd-service
           (documentation "SDDM display manager.")
           (requirement '(user-processes))
           (provision '(display-manager))
           (start #~(make-forkexec-constructor #$daemon-argv))
           (stop #~(make-kill-destructor))))))
| 176 | |
(define (sddm-etc-service config)
  "Return the etc-service entries for CONFIG: a single (NAME FILE) pair that
binds the name \"sddm.conf\" to the generated configuration file."
  (let ((conf-file (sddm-configuration-file config)))
    (list (list "sddm.conf" conf-file))))
| 179 | |
(define (sddm-pam-service config)
  "Return a PAM service for @command{sddm}."
  ;; PAM stack registered under the name "sddm".  The order of the entries is
  ;; significant: PAM evaluates them top to bottom.
  (pam-service
   (name "sddm")
   (auth
    (list
     ;; "requisite": a failure here ends the stack at once.  pam_nologin.so
     ;; refuses non-root log-ins while /etc/nologin exists.
     (pam-entry
      (control "requisite")
      (module "pam_nologin.so"))
     ;; Set environment variables for the session.
     (pam-entry
      (control "required")
      (module "pam_env.so"))
     ;; Reject any account whose UID is below CONFIG's minimum-uid; with the
     ;; default of 1000 this keeps root and system accounts from logging in
     ;; through the greeter.  "quiet" suppresses the log message.  There is no
     ;; matching upper bound: maximum-uid is not checked by this stack.
     (pam-entry
      (control "required")
      (module "pam_succeed_if.so")
      (arguments (list (string-append "uid >= "
                                      (number->string (sddm-configuration-minimum-uid config)))
                       "quiet")))
     ;; Password verification.
     ;; should be factored out into system-auth
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))
   (account
    (list
     ;; should be factored out into system-account
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))
   (password
    (list
     ;; Password changes: hash with SHA-512, store in the shadow file, and
     ;; reuse a password already collected by an earlier module.
     ;; should be factored out into system-password
     (pam-entry
      (control "required")
      (module "pam_unix.so")
      (arguments (list "sha512" "shadow" "try_first_pass")))))
   (session
    (list
     ;; lfs has a required pam_limits.so
     ;; should be factored out into system-session
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))))
| 222 | |
(define (sddm-greeter-pam-service)
  "Return a PAM service for @command{sddm-greeter}."
  ;; PAM stack registered under the name "sddm-greeter".  It takes no
  ;; configuration: nothing here depends on an <sddm-configuration>.
  (pam-service
   (name "sddm-greeter")
   (auth
    (list
     ;; Load environment from /etc/environment and ~/.pam_environment
     (pam-entry
      (control "required")
      (module "pam_env.so"))
     ;; Always let the greeter start without authentication.  pam_permit.so
     ;; succeeds unconditionally, so this stack must only ever be used for
     ;; the greeter's own session and never for a user log-in.
     (pam-entry
      (control "required")
      (module "pam_permit.so"))))
   (account
    (list
     ;; No action required for account management
     (pam-entry
      (control "required")
      (module "pam_permit.so"))))
   (password
    (list
     ;; Can't change password: pam_deny.so fails unconditionally.
     (pam-entry
      (control "required")
      (module "pam_deny.so"))))
   (session
    (list
     ;; Setup session
     (pam-entry
      (control "required")
      (module "pam_unix.so"))))))
| 255 | |
(define (sddm-autologin-pam-service config)
  "Return a PAM service for @command{sddm-autologin}."
  ;; PAM stack registered under the name "sddm-autologin".  No credential is
  ;; verified: the auth stack ends with pam_permit.so, so the two entries
  ;; before it are the only checks an automatic log-in has to pass.
  (pam-service
   (name "sddm-autologin")
   (auth
    (list
     ;; "requisite": fail immediately for non-root users while /etc/nologin
     ;; exists.
     (pam-entry
      (control "requisite")
      (module "pam_nologin.so"))
     ;; Refuse automatic log-in for accounts below CONFIG's minimum-uid
     ;; (root and system accounts with the default of 1000).
     (pam-entry
      (control "required")
      (module "pam_succeed_if.so")
      (arguments (list (string-append "uid >= "
                                      (number->string (sddm-configuration-minimum-uid config)))
                       "quiet")))
     ;; Succeeds unconditionally; this is what makes the log-in passwordless.
     (pam-entry
      (control "required")
      (module "pam_permit.so"))))
   (account
    (list
     ;; Reuse the account stack of the "sddm" service.
     (pam-entry
      (control "include")
      (module "sddm"))))
   (password
    (list
     ;; Password changes are always refused through this service.
     (pam-entry
      (control "required")
      (module "pam_deny.so"))))
   (session
    (list
     ;; Reuse the session stack of the "sddm" service.
     (pam-entry
      (control "include")
      (module "sddm"))))))
| 289 | |
(define (sddm-pam-services config)
  "Return the three PAM services SDDM needs for CONFIG, in this order: the
regular log-in stack, the greeter stack and the autologin stack."
  (let ((login     (sddm-pam-service config))
        (greeter   (sddm-greeter-pam-service))
        (autologin (sddm-autologin-pam-service config)))
    (list login greeter autologin)))
| 294 | |
;; System group and system account named "sddm".  The account's shell is
;; nologin and its home directory is /var/lib/sddm.
(define %sddm-accounts
  (let ((sddm-group (user-group
                     (name "sddm")
                     (system? #t)))
        (sddm-user  (user-account
                     (name "sddm")
                     (group "sddm")
                     (system? #t)
                     (comment "SDDM user")
                     (home-directory "/var/lib/sddm")
                     (shell (file-append shadow "/sbin/nologin")))))
    (list sddm-group sddm-user)))
| 304 | |
;; Add default themes to profile: the configured SDDM package is returned as
;; the only element of the list handed to the profile extension.
(define (sddm-profile-service config)
  (list (sddm-configuration-sddm config)))
| 308 | |
;; Service type for SDDM.  `handle-xorg-configuration' wraps the type so that
;; it deals with the `xorg-configuration' field of <sddm-configuration>.
(define sddm-service-type
  (handle-xorg-configuration sddm-configuration
    (service-type (name 'sddm)
                  (extensions
                   (list
                    ;; Run the sddm daemon under Shepherd.
                    (service-extension shepherd-root-service-type
                                       sddm-shepherd-service)
                    ;; Provide the generated "sddm.conf" entry to the etc
                    ;; service.
                    (service-extension etc-service-type
                                       sddm-etc-service)
                    ;; Register the "sddm", "sddm-greeter" and
                    ;; "sddm-autologin" PAM services.  The autologin stack is
                    ;; registered unconditionally, whether or not
                    ;; `auto-login-user' is set.
                    (service-extension pam-root-service-type
                                       sddm-pam-services)
                    ;; Create the "sddm" system user and group; the same
                    ;; accounts are used whatever the configuration.
                    (service-extension account-service-type
                                       (const %sddm-accounts))
                    ;; Add the SDDM package to the system profile.
                    (service-extension profile-service-type
                                       sddm-profile-service)))
                  (default-value (sddm-configuration))
                  (description
                   "Run SDDM, a display and log-in manager for X11 and
Wayland."))))
| 327 | |
;; Deprecated procedural interface; `sddm-service-type' is named as its
;; replacement.  CONFIG defaults to an <sddm-configuration> with every field
;; at its default value.
(define-deprecated (sddm-service #:optional (config (sddm-configuration)))
  sddm-service-type
  "Run the @uref{https://github.com/sddm/sddm,SDDM display manager}
with the given @var{config}, a @code{<sddm-configuration>} object."
  (service sddm-service-type config))