1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2015 Andy Wingo <wingo@igalia.com>
4 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
5 ;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
6 ;;; Copyright © 2017 Maxim Cournoyer <maxim.cournoyer@gmail.com>
7 ;;; Copyright © 2017 Nikita <nikita@n0.is>
8 ;;; Copyright © 2018, 2020 Efraim Flashner <efraim@flashner.co.il>
9 ;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
10 ;;; Copyright © 2017, 2019 Christopher Baines <mail@cbaines.net>
11 ;;; Copyright © 2019 Tim Gesthuizen <tim.gesthuizen@yahoo.de>
12 ;;; Copyright © 2019 David Wilson <david@daviwil.com>
13 ;;; Copyright © 2020 Tobias Geerinckx-Rice <me@tobias.gr>
15 ;;; This file is part of GNU Guix.
17 ;;; GNU Guix is free software; you can redistribute it and/or modify it
18 ;;; under the terms of the GNU General Public License as published by
19 ;;; the Free Software Foundation; either version 3 of the License, or (at
20 ;;; your option) any later version.
22 ;;; GNU Guix is distributed in the hope that it will be useful, but
23 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
24 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 ;;; GNU General Public License for more details.
27 ;;; You should have received a copy of the GNU General Public License
28 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
30 (define-module (gnu services desktop)
31 #:use-module (gnu services)
32 #:use-module (gnu services shepherd)
33 #:use-module (gnu services base)
34 #:use-module (gnu services dbus)
35 #:use-module (gnu services avahi)
36 #:use-module (gnu services xorg)
37 #:use-module (gnu services networking)
38 #:use-module (gnu services sound)
39 #:use-module ((gnu system file-systems)
40 #:select (%elogind-file-systems file-system))
41 #:use-module (gnu system)
42 #:use-module (gnu system shadow)
43 #:use-module (gnu system pam)
44 #:use-module (gnu packages glib)
45 #:use-module (gnu packages admin)
46 #:use-module (gnu packages cups)
47 #:use-module (gnu packages freedesktop)
48 #:use-module (gnu packages gnome)
49 #:use-module (gnu packages xfce)
50 #:use-module (gnu packages avahi)
51 #:use-module (gnu packages xdisorg)
52 #:use-module (gnu packages scanner)
53 #:use-module (gnu packages suckless)
54 #:use-module (gnu packages linux)
55 #:use-module (gnu packages libusb)
56 #:use-module (gnu packages mate)
57 #:use-module (gnu packages enlightenment)
58 #:use-module (guix deprecation)
59 #:use-module (guix records)
60 #:use-module (guix packages)
61 #:use-module (guix store)
62 #:use-module (guix utils)
63 #:use-module (guix gexp)
64 #:use-module (srfi srfi-1)
65 #:use-module (ice-9 match)
66 #:export (<upower-configuration>
69 upower-configuration-upower
70 upower-configuration-watts-up-pro?
71 upower-configuration-poll-batteries?
72 upower-configuration-ignore-lid?
73 upower-configuration-use-percentage-for-policy?
74 upower-configuration-percentage-low
75 upower-configuration-percentage-critical
76 upower-configuration-percentage-action
77 upower-configuration-time-low
78 upower-configuration-time-critical
79 upower-configuration-time-action
80 upower-configuration-critical-power-action
95 geoclue-configuration?
96 %standard-geoclue-applications
100 bluetooth-service-type
101 bluetooth-configuration
102 bluetooth-configuration?
105 elogind-configuration
106 elogind-configuration?
110 %fontconfig-file-system
111 fontconfig-file-system-service
113 accountsservice-service-type
114 accountsservice-service
116 cups-pk-helper-service-type
119 gnome-desktop-configuration
120 gnome-desktop-configuration?
121 gnome-desktop-service
122 gnome-desktop-service-type
124 mate-desktop-configuration
125 mate-desktop-configuration?
127 mate-desktop-service-type
129 xfce-desktop-configuration
130 xfce-desktop-configuration?
132 xfce-desktop-service-type
134 x11-socket-directory-service
136 enlightenment-desktop-configuration
137 enlightenment-desktop-configuration?
138 enlightenment-desktop-service-type
140 inputattach-configuration
141 inputattach-configuration?
142 inputattach-service-type
146 gnome-keyring-configuration
147 gnome-keyring-configuration?
148 gnome-keyring-service-type
154 ;;; This module contains service definitions for a "desktop" environment.
164 (if value "true\n" "false\n"))
166 (define (package-direct-input-selector input)
168 (match (assoc-ref (package-direct-inputs package) input)
169 ((package . _) package))))
174 ;;; Upower D-Bus service.
177 (define-record-type* <upower-configuration>
178 upower-configuration make-upower-configuration
179 upower-configuration?
180 (upower upower-configuration-upower
182 (watts-up-pro? upower-configuration-watts-up-pro?
184 (poll-batteries? upower-configuration-poll-batteries?
186 (ignore-lid? upower-configuration-ignore-lid?
188 (use-percentage-for-policy? upower-configuration-use-percentage-for-policy?
190 (percentage-low upower-configuration-percentage-low
192 (percentage-critical upower-configuration-percentage-critical
194 (percentage-action upower-configuration-percentage-action
196 (time-low upower-configuration-time-low
198 (time-critical upower-configuration-time-critical
200 (time-action upower-configuration-time-action
202 (critical-power-action upower-configuration-critical-power-action
203 (default 'hybrid-sleep)))
205 (define* upower-configuration-file
206 ;; Return an upower-daemon configuration file.
208 (($ <upower-configuration> upower
209 watts-up-pro? poll-batteries? ignore-lid? use-percentage-for-policy?
210 percentage-low percentage-critical percentage-action time-low
211 time-critical time-action critical-power-action)
212 (plain-file "UPower.conf"
215 "EnableWattsUpPro=" (bool watts-up-pro?)
216 "NoPollBatteries=" (bool (not poll-batteries?))
217 "IgnoreLid=" (bool ignore-lid?)
218 "UsePercentageForPolicy=" (bool use-percentage-for-policy?)
219 "PercentageLow=" (number->string percentage-low) "\n"
220 "PercentageCritical=" (number->string percentage-critical) "\n"
221 "PercentageAction=" (number->string percentage-action) "\n"
222 "TimeLow=" (number->string time-low) "\n"
223 "TimeCritical=" (number->string time-critical) "\n"
224 "TimeAction=" (number->string time-action) "\n"
225 "CriticalPowerAction=" (match critical-power-action
226 ('hybrid-sleep "HybridSleep")
227 ('hibernate "Hibernate")
228 ('power-off "PowerOff"))
231 (define %upower-activation
233 (use-modules (guix build utils))
234 (mkdir-p "/var/lib/upower")))
236 (define (upower-dbus-service config)
237 (list (wrapped-dbus-service (upower-configuration-upower config)
239 `(("UPOWER_CONF_FILE_NAME"
240 ,(upower-configuration-file config))))))
242 (define (upower-shepherd-service config)
243 "Return a shepherd service for UPower with CONFIG."
244 (let ((upower (upower-configuration-upower config))
245 (config (upower-configuration-file config)))
246 (list (shepherd-service
247 (documentation "Run the UPower power and battery monitor.")
248 (provision '(upower-daemon))
249 (requirement '(dbus-system udev))
251 (start #~(make-forkexec-constructor
252 (list (string-append #$upower "/libexec/upowerd"))
253 #:environment-variables
254 (list (string-append "UPOWER_CONF_FILE_NAME="
256 (stop #~(make-kill-destructor))))))
258 (define upower-service-type
259 (let ((upower-package (compose list upower-configuration-upower)))
260 (service-type (name 'upower)
262 "Run @command{upowerd}}, a system-wide monitor for power
263 consumption and battery levels, with the given configuration settings. It
264 implements the @code{org.freedesktop.UPower} D-Bus interface, and is notably
267 (list (service-extension dbus-root-service-type
269 (service-extension shepherd-root-service-type
270 upower-shepherd-service)
271 (service-extension activation-service-type
272 (const %upower-activation))
273 (service-extension udev-service-type
276 ;; Make the 'upower' command visible.
277 (service-extension profile-service-type
279 (default-value (upower-configuration)))))
281 (define-deprecated (upower-service #:key (upower upower)
285 (use-percentage-for-policy? #f)
287 (percentage-critical 3)
288 (percentage-action 2)
292 (critical-power-action 'hybrid-sleep))
294 "Return a service that runs @uref{http://upower.freedesktop.org/,
295 @command{upowerd}}, a system-wide monitor for power consumption and battery
296 levels, with the given configuration settings. It implements the
297 @code{org.freedesktop.UPower} D-Bus interface, and is notably used by GNOME."
298 (let ((config (upower-configuration
299 (watts-up-pro? watts-up-pro?)
300 (poll-batteries? poll-batteries?)
301 (ignore-lid? ignore-lid?)
302 (use-percentage-for-policy? use-percentage-for-policy?)
303 (percentage-low percentage-low)
304 (percentage-critical percentage-critical)
305 (percentage-action percentage-action)
307 (time-critical time-critical)
308 (time-action time-action)
309 (critical-power-action critical-power-action))))
310 (service upower-service-type config)))
314 ;;; GeoClue D-Bus service.
318 (define-record-type* <geoclue-configuration>
319 geoclue-configuration make-geoclue-configuration
320 geoclue-configuration?
321 (geoclue geoclue-configuration-geoclue
323 (whitelist geoclue-configuration-whitelist)
324 (wifi-geolocation-url geoclue-configuration-wifi-geolocation-url)
325 (submit-data? geoclue-configuration-submit-data?)
326 (wifi-submission-url geoclue-configuration-wifi-submission-url)
327 (submission-nick geoclue-configuration-submission-nick)
328 (applications geoclue-configuration-applications))
330 (define* (geoclue-application name #:key (allowed? #t) system? (users '()))
331 "Configure default GeoClue access permissions for an application. NAME is
332 the Desktop ID of the application, without the .desktop part. If ALLOWED? is
333 true, the application will have access to location information by default.
334 The boolean SYSTEM? value indicates that an application is a system component
335 or not. Finally USERS is a list of UIDs of all users for which this
336 application is allowed location info access. An empty users list means all
340 "allowed=" (bool allowed?)
341 "system=" (bool system?)
342 "users=" (string-join users ";") "\n"))
344 (define %standard-geoclue-applications
345 (list (geoclue-application "gnome-datetime-panel" #:system? #t)
346 (geoclue-application "epiphany" #:system? #f)
347 (geoclue-application "firefox" #:system? #f)))
349 (define* (geoclue-configuration-file config)
350 "Return a geoclue configuration file."
351 (plain-file "geoclue.conf"
355 (string-join (geoclue-configuration-whitelist config)
358 "url=" (geoclue-configuration-wifi-geolocation-url config) "\n"
359 "submit-data=" (bool (geoclue-configuration-submit-data? config))
361 (geoclue-configuration-wifi-submission-url config) "\n"
363 (geoclue-configuration-submission-nick config)
365 (string-join (geoclue-configuration-applications config)
368 (define (geoclue-dbus-service config)
369 (list (wrapped-dbus-service (geoclue-configuration-geoclue config)
371 `(("GEOCLUE_CONFIG_FILE"
372 ,(geoclue-configuration-file config))))))
374 (define %geoclue-accounts
375 (list (user-group (name "geoclue") (system? #t))
380 (comment "GeoClue daemon user")
381 (home-directory "/var/empty")
382 (shell "/run/current-system/profile/sbin/nologin"))))
384 (define geoclue-service-type
385 (service-type (name 'geoclue)
387 (list (service-extension dbus-root-service-type
388 geoclue-dbus-service)
389 (service-extension account-service-type
390 (const %geoclue-accounts))))))
392 (define* (geoclue-service #:key (geoclue geoclue)
394 (wifi-geolocation-url
395 ;; Mozilla geolocation service:
396 "https://location.services.mozilla.com/v1/geolocate?key=geoclue")
399 "https://location.services.mozilla.com/v1/submit?key=geoclue")
400 (submission-nick "geoclue")
401 (applications %standard-geoclue-applications))
402 "Return a service that runs the @command{geoclue} location service. This
403 service provides a D-Bus interface to allow applications to request access to
404 a user's physical location, and optionally to add information to online
405 location databases. By default, only the GNOME date-time panel and the Icecat
406 and Epiphany web browsers are able to ask for the user's location, and in the
407 case of Icecat and Epiphany, both will ask the user for permission first. See
408 @uref{https://wiki.freedesktop.org/www/Software/GeoClue/, the geoclue web
409 site} for more information."
410 (service geoclue-service-type
411 (geoclue-configuration
413 (whitelist whitelist)
414 (wifi-geolocation-url wifi-geolocation-url)
415 (submit-data? submit-data?)
416 (wifi-submission-url wifi-submission-url)
417 (submission-nick submission-nick)
418 (applications applications))))
425 (define-record-type* <bluetooth-configuration>
426 bluetooth-configuration make-bluetooth-configuration
427 bluetooth-configuration?
428 (bluez bluetooth-configuration-bluez (default bluez))
429 (auto-enable? bluetooth-configuration-auto-enable? (default #f)))
431 (define (bluetooth-configuration-file config)
432 "Return a configuration file for the systemd bluetooth service, as a string."
435 "AutoEnable=" (bool (bluetooth-configuration-auto-enable?
438 (define (bluetooth-directory config)
439 (computed-file "etc-bluetooth"
443 (call-with-output-file "main.conf"
445 (display #$(bluetooth-configuration-file config)
448 (define (bluetooth-shepherd-service config)
449 "Return a shepherd service for @command{bluetoothd}."
451 (provision '(bluetooth))
452 (requirement '(dbus-system udev))
453 (documentation "Run the bluetoothd daemon.")
454 (start #~(make-forkexec-constructor
455 (list #$(file-append (bluetooth-configuration-bluez config)
456 "/libexec/bluetooth/bluetoothd"))))
457 (stop #~(make-kill-destructor))))
459 (define bluetooth-service-type
463 (list (service-extension dbus-root-service-type
464 (compose list bluetooth-configuration-bluez))
465 (service-extension udev-service-type
466 (compose list bluetooth-configuration-bluez))
467 (service-extension etc-service-type
470 ,(bluetooth-directory config)))))
471 (service-extension shepherd-root-service-type
472 (compose list bluetooth-shepherd-service))))
473 (description "Run the @command{bluetoothd} daemon, which manages all the
474 Bluetooth devices and provides a number of D-Bus interfaces.")))
476 (define* (bluetooth-service #:key (bluez bluez) (auto-enable? #f))
477 "Return a service that runs the @command{bluetoothd} daemon, which manages
478 all the Bluetooth devices and provides a number of D-Bus interfaces. When
479 AUTO-ENABLE? is true, the bluetooth controller is powered automatically at
482 Users need to be in the @code{lp} group to access the D-Bus service.
484 (service bluetooth-service-type
485 (bluetooth-configuration
487 (auto-enable? auto-enable?))))
491 ;;; Colord D-Bus service.
494 (define %colord-activation
496 (use-modules (guix build utils))
497 (mkdir-p "/var/lib/colord")
498 (let ((user (getpwnam "colord")))
499 (chown "/var/lib/colord"
500 (passwd:uid user) (passwd:gid user)))))
502 (define %colord-accounts
503 (list (user-group (name "colord") (system? #t))
508 (comment "colord daemon user")
509 (home-directory "/var/empty")
510 (shell (file-append shadow "/sbin/nologin")))))
512 (define colord-service-type
513 (service-type (name 'colord)
515 (list (service-extension account-service-type
516 (const %colord-accounts))
517 (service-extension activation-service-type
518 (const %colord-activation))
520 ;; Colord is a D-Bus service that dbus-daemon can
522 (service-extension dbus-root-service-type list)
524 ;; Colord provides "color device" rules for udev.
525 (service-extension udev-service-type list)
527 ;; It provides polkit "actions".
528 (service-extension polkit-service-type list)))
529 (default-value colord)
531 "Run @command{colord}, a system service with a D-Bus
532 interface to manage the color profiles of input and output devices such as
533 screens and scanners.")))
535 (define-deprecated (colord-service #:key (colord colord))
537 "Return a service that runs @command{colord}, a system service with a D-Bus
538 interface to manage the color profiles of input and output devices such as
539 screens and scanners. It is notably used by the GNOME Color Manager graphical
540 tool. See @uref{http://www.freedesktop.org/software/colord/, the colord web
541 site} for more information."
542 (service colord-service-type colord))
549 (define-record-type* <udisks-configuration>
550 udisks-configuration make-udisks-configuration
551 udisks-configuration?
552 (udisks udisks-configuration-udisks
555 (define %udisks-activation
556 (with-imported-modules '((guix build utils))
558 (use-modules (guix build utils))
560 (let ((run-dir "/var/run/udisks2"))
562 (chmod run-dir #o700)))))
564 (define udisks-service-type
565 (let ((udisks-package (lambda (config)
566 (list (udisks-configuration-udisks config)))))
567 (service-type (name 'udisks)
569 (list (service-extension polkit-service-type
571 (service-extension dbus-root-service-type
573 (service-extension udev-service-type
575 (service-extension activation-service-type
576 (const %udisks-activation))
578 ;; Profile 'udisksctl' & co. in the system profile.
579 (service-extension profile-service-type
582 (define* (udisks-service #:key (udisks udisks))
583 "Return a service for @uref{http://udisks.freedesktop.org/docs/latest/,
584 UDisks}, a @dfn{disk management} daemon that provides user interfaces with
585 notifications and ways to mount/unmount disks. Programs that talk to UDisks
586 include the @command{udisksctl} command, part of UDisks, and GNOME Disks."
587 (service udisks-service-type
588 (udisks-configuration (udisks udisks))))
592 ;;; Elogind login and seat management service.
595 (define-record-type* <elogind-configuration> elogind-configuration
596 make-elogind-configuration
597 elogind-configuration?
598 (elogind elogind-package
600 (kill-user-processes? elogind-kill-user-processes?
602 (kill-only-users elogind-kill-only-users
604 (kill-exclude-users elogind-kill-exclude-users
606 (inhibit-delay-max-seconds elogind-inhibit-delay-max-seconds
608 (handle-power-key elogind-handle-power-key
610 (handle-suspend-key elogind-handle-suspend-key
612 (handle-hibernate-key elogind-handle-hibernate-key
613 ;; (default 'hibernate)
614 ;; XXX Ignore it for now, since we don't
615 ;; yet handle resume-from-hibernation in
618 (handle-lid-switch elogind-handle-lid-switch
620 (handle-lid-switch-docked elogind-handle-lid-switch-docked
622 (power-key-ignore-inhibited? elogind-power-key-ignore-inhibited?
624 (suspend-key-ignore-inhibited? elogind-suspend-key-ignore-inhibited?
626 (hibernate-key-ignore-inhibited? elogind-hibernate-key-ignore-inhibited?
628 (lid-switch-ignore-inhibited? elogind-lid-switch-ignore-inhibited?
630 (holdoff-timeout-seconds elogind-holdoff-timeout-seconds
632 (idle-action elogind-idle-action
634 (idle-action-seconds elogind-idle-action-seconds
636 (runtime-directory-size-percent elogind-runtime-directory-size-percent
638 (runtime-directory-size elogind-runtime-directory-size
640 (remove-ipc? elogind-remove-ipc?
643 (suspend-state elogind-suspend-state
644 (default '("mem" "standby" "freeze")))
645 (suspend-mode elogind-suspend-mode
647 (hibernate-state elogind-hibernate-state
649 (hibernate-mode elogind-hibernate-mode
650 (default '("platform" "shutdown")))
651 (hybrid-sleep-state elogind-hybrid-sleep-state
653 (hybrid-sleep-mode elogind-hybrid-sleep-mode
655 '("suspend" "platform" "shutdown"))))
657 (define (elogind-configuration-file config)
662 (_ (error "expected #t or #f, instead got:" x))))
663 (define char-set:user-name
664 (string->char-set "abcdefghijklmnopqrstuvwxyz0123456789_-"))
665 (define (valid-list? l pred)
666 (and-map (lambda (x) (string-every pred x)) l))
667 (define (user-name-list users)
668 (unless (valid-list? users char-set:user-name)
669 (error "invalid user list" users))
670 (string-join users " "))
671 (define (enum val allowed)
672 (unless (memq val allowed)
673 (error "invalid value" val allowed))
674 (symbol->string val))
675 (define (non-negative-integer x)
676 (unless (exact-integer? x) (error "not an integer" x))
677 (when (negative? x) (error "negative number not allowed" x))
679 (define handle-actions
680 '(ignore poweroff reboot halt kexec suspend hibernate hybrid-sleep lock))
681 (define (handle-action x)
682 (enum x handle-actions))
683 (define (sleep-list tokens)
684 (unless (valid-list? tokens char-set:user-name)
685 (error "invalid sleep list" tokens))
686 (string-join tokens " "))
687 (define-syntax ini-file-clause
689 ((_ config (prop (parser getter)))
690 (string-append prop "=" (parser (getter config)) "\n"))
692 (string-append str "\n"))))
693 (define-syntax-rule (ini-file config file clause ...)
694 (plain-file file (string-append (ini-file-clause config clause) ...)))
698 ("KillUserProcesses" (yesno elogind-kill-user-processes?))
699 ("KillOnlyUsers" (user-name-list elogind-kill-only-users))
700 ("KillExcludeUsers" (user-name-list elogind-kill-exclude-users))
701 ("InhibitDelayMaxSec" (non-negative-integer elogind-inhibit-delay-max-seconds))
702 ("HandlePowerKey" (handle-action elogind-handle-power-key))
703 ("HandleSuspendKey" (handle-action elogind-handle-suspend-key))
704 ("HandleHibernateKey" (handle-action elogind-handle-hibernate-key))
705 ("HandleLidSwitch" (handle-action elogind-handle-lid-switch))
706 ("HandleLidSwitchDocked" (handle-action elogind-handle-lid-switch-docked))
707 ("PowerKeyIgnoreInhibited" (yesno elogind-power-key-ignore-inhibited?))
708 ("SuspendKeyIgnoreInhibited" (yesno elogind-suspend-key-ignore-inhibited?))
709 ("HibernateKeyIgnoreInhibited" (yesno elogind-hibernate-key-ignore-inhibited?))
710 ("LidSwitchIgnoreInhibited" (yesno elogind-lid-switch-ignore-inhibited?))
711 ("HoldoffTimeoutSec" (non-negative-integer elogind-holdoff-timeout-seconds))
712 ("IdleAction" (handle-action elogind-idle-action))
713 ("IdleActionSec" (non-negative-integer elogind-idle-action-seconds))
714 ("RuntimeDirectorySize"
717 (match (elogind-runtime-directory-size-percent config)
718 (#f (non-negative-integer (elogind-runtime-directory-size config)))
719 (percent (string-append (non-negative-integer percent) "%"))))))
720 ("RemoveIPC" (yesno elogind-remove-ipc?))
722 ("SuspendState" (sleep-list elogind-suspend-state))
723 ("SuspendMode" (sleep-list elogind-suspend-mode))
724 ("HibernateState" (sleep-list elogind-hibernate-state))
725 ("HibernateMode" (sleep-list elogind-hibernate-mode))
726 ("HybridSleepState" (sleep-list elogind-hybrid-sleep-state))
727 ("HybridSleepMode" (sleep-list elogind-hybrid-sleep-mode))))
729 (define (elogind-dbus-service config)
730 (list (wrapped-dbus-service (elogind-package config)
731 "libexec/elogind/elogind"
732 `(("ELOGIND_CONF_FILE"
733 ,(elogind-configuration-file config))))))
735 (define (pam-extension-procedure config)
736 "Return an extension for PAM-ROOT-SERVICE-TYPE that ensures that all the PAM
737 services use 'pam_elogind.so', a module that allows elogind to keep track of
738 logged-in users (run 'loginctl' to see elogind's world view of users and
743 (module (file-append (elogind-package config)
744 "/lib/security/pam_elogind.so"))))
749 (session (cons pam-elogind (pam-service-session pam)))))))
751 (define (elogind-shepherd-service config)
752 "Return a Shepherd service to start elogind according to @var{config}."
753 (list (shepherd-service
754 (requirement '(dbus-system))
755 (provision '(elogind))
756 (start #~(make-forkexec-constructor
757 (list #$(file-append (elogind-package config)
758 "/libexec/elogind/elogind"))
759 #:environment-variables
760 (list (string-append "ELOGIND_CONF_FILE="
761 #$(elogind-configuration-file
763 (stop #~(make-kill-destructor)))))
765 (define elogind-service-type
766 (service-type (name 'elogind)
768 (list (service-extension dbus-root-service-type
769 elogind-dbus-service)
770 (service-extension udev-service-type
771 (compose list elogind-package))
772 (service-extension polkit-service-type
773 (compose list elogind-package))
775 ;; Start elogind from the Shepherd rather than waiting
776 ;; for bus activation. This ensures that it can handle
777 ;; events like lid close, etc.
778 (service-extension shepherd-root-service-type
779 elogind-shepherd-service)
781 ;; Provide the 'loginctl' command.
782 (service-extension profile-service-type
783 (compose list elogind-package))
785 ;; Extend PAM with pam_elogind.so.
786 (service-extension pam-root-service-type
787 pam-extension-procedure)
789 ;; We need /run/user, /run/systemd, etc.
790 (service-extension file-system-service-type
791 (const %elogind-file-systems))))
792 (default-value (elogind-configuration))))
794 (define* (elogind-service #:key (config (elogind-configuration)))
795 "Return a service that runs the @command{elogind} login and seat management
796 service. The @command{elogind} service integrates with PAM to allow other
797 system components to know the set of logged-in users as well as their session
798 types (graphical, console, remote, etc.). It can also clean up after users
800 (service elogind-service-type config))
804 ;;; Fontconfig and other desktop file-systems.
807 (define %fontconfig-file-system
810 (mount-point "/var/cache/fontconfig")
815 ;; The global fontconfig cache directory can sometimes contain stale entries,
816 ;; possibly referencing fonts that have been GC'd, so mount it read-only.
817 ;; As mentioned https://debbugs.gnu.org/cgi/bugreport.cgi?bug=36924#8 and
818 ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=38046#10 and elsewhere.
819 (define fontconfig-file-system-service
820 (simple-service 'fontconfig-file-system
821 file-system-service-type
822 (list %fontconfig-file-system)))
825 ;;; AccountsService service.
828 (define %accountsservice-activation
830 (use-modules (guix build utils))
831 (mkdir-p "/var/lib/AccountsService")))
833 (define accountsservice-service-type
834 (service-type (name 'accountsservice)
836 (list (service-extension activation-service-type
837 (const %accountsservice-activation))
838 (service-extension dbus-root-service-type list)
839 (service-extension polkit-service-type list)))
840 (default-value accountsservice)))
842 (define* (accountsservice-service #:key (accountsservice accountsservice))
843 "Return a service that runs AccountsService, a system service that
844 can list available accounts, change their passwords, and so on.
845 AccountsService integrates with PolicyKit to enable unprivileged users to
846 acquire the capability to modify their system configuration.
847 @uref{https://www.freedesktop.org/wiki/Software/AccountsService/, the
848 accountsservice web site} for more information."
849 (service accountsservice-service-type accountsservice))
853 ;;; cups-pk-helper service.
856 (define cups-pk-helper-service-type
858 (name 'cups-pk-helper)
860 "PolicyKit helper to configure CUPS with fine-grained privileges.")
862 (list (service-extension dbus-root-service-type list)
863 (service-extension polkit-service-type list)))
864 (default-value cups-pk-helper)))
868 ;;; Scanner access via SANE.
871 (define %sane-accounts
872 ;; The '60-libsane.rules' udev rules refers to the "scanner" group.
873 (list (user-group (name "scanner") (system? #t))))
875 (define sane-service-type
879 "This service provides access to scanners @i{via}
880 @uref{http://www.sane-project.org, SANE} by installing the necessary udev
882 (default-value sane-backends-minimal)
884 (list (service-extension udev-service-type list)
885 (service-extension account-service-type
886 (const %sane-accounts))))))
891 ;;; GNOME desktop service.
894 (define-record-type* <gnome-desktop-configuration> gnome-desktop-configuration
895 make-gnome-desktop-configuration
896 gnome-desktop-configuration?
897 (gnome gnome-package (default gnome)))
899 (define (gnome-polkit-settings config)
900 "Return the list of GNOME dependencies that provide polkit actions and
902 (let ((gnome (gnome-package config)))
904 ((package-direct-input-selector name) gnome))
905 '("gnome-settings-daemon"
906 "gnome-control-center"
907 "gnome-system-monitor"
910 (define gnome-desktop-service-type
912 (name 'gnome-desktop)
914 (list (service-extension polkit-service-type
915 gnome-polkit-settings)
916 (service-extension profile-service-type
919 (default-value (gnome-desktop-configuration))
920 (description "Run the GNOME desktop environment.")))
922 (define-deprecated (gnome-desktop-service #:key (config
923 (gnome-desktop-configuration)))
924 gnome-desktop-service-type
925 "Return a service that adds the @code{gnome} package to the system profile,
926 and extends polkit with the actions from @code{gnome-settings-daemon}."
927 (service gnome-desktop-service-type config))
929 ;; MATE Desktop service.
930 ;; TODO: Add mate-screensaver.
932 (define-record-type* <mate-desktop-configuration> mate-desktop-configuration
933 make-mate-desktop-configuration
934 mate-desktop-configuration?
935 (mate-package mate-package (default mate)))
937 (define (mate-polkit-extension config)
938 "Return the list of packages for CONFIG's MATE package that extend polkit."
939 (let ((mate (mate-package config)))
941 ((package-direct-input-selector input) mate))
942 '("mate-system-monitor" ;kill, renice processes
943 "mate-settings-daemon" ;date/time settings
944 "mate-power-manager" ;modify brightness
945 "mate-control-center" ;RandR, display properties FIXME
946 "mate-applets")))) ;CPU frequency scaling
948 (define mate-desktop-service-type
952 (list (service-extension polkit-service-type
953 mate-polkit-extension)
954 (service-extension profile-service-type
957 (default-value (mate-desktop-configuration))
958 (description "Run the MATE desktop environment.")))
960 (define-deprecated (mate-desktop-service #:key
962 (mate-desktop-configuration)))
963 mate-desktop-service-type
964 "Return a service that adds the @code{mate} package to the system profile,
965 and extends polkit with the actions from @code{mate-settings-daemon}."
966 (service mate-desktop-service-type config))
970 ;;; XFCE desktop service.
973 (define-record-type* <xfce-desktop-configuration> xfce-desktop-configuration
974 make-xfce-desktop-configuration
975 xfce-desktop-configuration?
976 (xfce xfce-package (default xfce)))
978 (define (xfce-polkit-settings config)
979 "Return the list of XFCE dependencies that provide polkit actions and
981 (let ((xfce (xfce-package config)))
983 ((package-direct-input-selector name) xfce))
985 "xfce4-power-manager"))))
987 (define xfce-desktop-service-type
991 (list (service-extension polkit-service-type
992 xfce-polkit-settings)
993 (service-extension profile-service-type
994 (compose list xfce-package))))
995 (default-value (xfce-desktop-configuration))
996 (description "Run the Xfce desktop environment.")))
998 (define-deprecated (xfce-desktop-service #:key (config
999 (xfce-desktop-configuration)))
1000 xfce-desktop-service-type
1001 "Return a service that adds the @code{xfce} package to the system profile,
1002 and extends polkit with the ability for @code{thunar} to manipulate the file
1003 system as root from within a user session, after the user has authenticated
1004 with the administrator's password."
1005 (service xfce-desktop-service-type config))
1009 ;;; X11 socket directory service
1012 (define x11-socket-directory-service
1013 ;; Return a service that creates /tmp/.X11-unix. When using X11, libxcb
1014 ;; takes care of creating that directory. However, when using XWayland, we
1015 ;; need to create beforehand. Thus, create it unconditionally here.
1016 (simple-service 'x11-socket-directory
1017 activation-service-type
1018 (with-imported-modules '((guix build utils))
1020 (use-modules (guix build utils))
1021 (let ((directory "/tmp/.X11-unix"))
1023 (chmod directory #o777))))))
1026 ;;; Enlightenment desktop service.
1029 (define-record-type* <enlightenment-desktop-configuration>
1030 enlightenment-desktop-configuration make-enlightenment-desktop-configuration
1031 enlightenment-desktop-configuration?
1033 (enlightenment enlightenment-package
1034 (default enlightenment)))
1036 (define (enlightenment-setuid-programs enlightenment-desktop-configuration)
1037 (match-record enlightenment-desktop-configuration
1038 <enlightenment-desktop-configuration>
1040 (list (file-append enlightenment
1041 "/lib/enlightenment/utils/enlightenment_sys")
1042 (file-append enlightenment
1043 "/lib/enlightenment/utils/enlightenment_system")
1044 (file-append enlightenment
1045 "/lib/enlightenment/utils/enlightenment_ckpasswd"))))
1047 (define enlightenment-desktop-service-type
1049 (name 'enlightenment-desktop)
1051 (list (service-extension dbus-root-service-type
1053 (package-direct-input-selector
1055 enlightenment-package))
1056 (service-extension setuid-program-service-type
1057 enlightenment-setuid-programs)
1058 (service-extension profile-service-type
1060 enlightenment-package))))
1061 (default-value (enlightenment-desktop-configuration))
1063 "Return a service that adds the @code{enlightenment} package to the system
1064 profile, and extends dbus with the ability for @code{efl} to generate
1065 thumbnails and makes setuid the programs which enlightenment needs to function
1070 ;;; inputattach-service-type
1073 (define-record-type* <inputattach-configuration>
1074 inputattach-configuration
1075 make-inputattach-configuration
1076 inputattach-configuration?
1077 (device-type inputattach-configuration-device-type
1079 (device inputattach-configuration-device
1080 (default "/dev/ttyS0"))
1081 (baud-rate inputattach-configuration-baud-rate
1083 (log-file inputattach-configuration-log-file
1086 (define inputattach-shepherd-service
1088 (($ <inputattach-configuration> type device baud-rate log-file)
1089 (let ((args (append (if baud-rate
1090 (list "--baud" (number->string baud-rate))
1092 (list (string-append "--" type)
1094 (list (shepherd-service
1095 (provision '(inputattach))
1096 (requirement '(udev))
1097 (documentation "inputattach daemon")
1098 (start #~(make-forkexec-constructor
1099 (cons (string-append #$inputattach
1102 #:log-file #$log-file))
1103 (stop #~(make-kill-destructor))))))))
1105 (define inputattach-service-type
1109 (list (service-extension shepherd-root-service-type
1110 inputattach-shepherd-service)))
1111 (default-value (inputattach-configuration))
1112 (description "Return a service that runs inputattach on a device and
1113 dispatches events from it.")))
1117 ;;; gnome-keyring-service-type
1120 (define-record-type* <gnome-keyring-configuration> gnome-keyring-configuration
1121 make-gnome-keyring-configuration
1122 gnome-keyring-configuration?
1123 (keyring gnome-keyring-package (default gnome-keyring))
1124 (pam-services gnome-keyring-pam-services (default '(("gdm-password" . login)
1125 ("passwd" . passwd)))))
1127 (define (pam-gnome-keyring config)
1128 (define (%pam-keyring-entry . arguments)
1130 (control "optional")
1131 (module (file-append (gnome-keyring-package config)
1132 "/lib/security/pam_gnome_keyring.so"))
1133 (arguments arguments)))
1137 (case (assoc-ref (gnome-keyring-pam-services config)
1138 (pam-service-name service))
1142 (auth (append (pam-service-auth service)
1143 (list (%pam-keyring-entry))))
1144 (session (append (pam-service-session service)
1145 (list (%pam-keyring-entry "auto_start"))))))
1149 (password (append (pam-service-password service)
1150 (list (%pam-keyring-entry))))))
1153 (define gnome-keyring-service-type
1155 (name 'gnome-keyring)
1157 (service-extension pam-root-service-type pam-gnome-keyring)))
1158 (default-value (gnome-keyring-configuration))
1159 (description "Return a service, that adds the @code{gnome-keyring} package
1160 to the system profile and extends PAM with entries using
1161 @code{pam_gnome_keyring.so}, unlocking a user's login keyring when they log in
1162 or setting its password with passwd.")))
1166 ;;; polkit-wheel-service -- Allow wheel group to perform admin actions
1169 (define polkit-wheel
1172 `(("share/polkit-1/rules.d/wheel.rules"
1175 "polkit.addAdminRule(function(action, subject) {
1176 return [\"unix-group:wheel\"];
1180 (define polkit-wheel-service
1181 (simple-service 'polkit-wheel polkit-service-type (list polkit-wheel)))
1185 ;;; The default set of desktop services.
1188 (define %desktop-services
1189 ;; List of services typically useful for a "desktop" use case.
1190 (cons* (service gdm-service-type)
1192 ;; Screen lockers are a pretty useful thing and these are small.
1193 (screen-locker-service slock)
1194 (screen-locker-service xlockmore "xlock")
1196 ;; Add udev rules for MTP devices so that non-root users can access
1198 (simple-service 'mtp udev-service-type (list libmtp))
1199 ;; Add udev rules for scanners.
1200 (service sane-service-type)
1201 ;; Add polkit rules, so that non-root users in the wheel group can
1202 ;; perform administrative tasks (similar to "sudo").
1203 polkit-wheel-service
1205 ;; The global fontconfig cache directory can sometimes contain
1206 ;; stale entries, possibly referencing fonts that have been GC'd,
1207 ;; so mount it read-only.
1208 fontconfig-file-system-service
1210 ;; NetworkManager and its applet.
1211 (service network-manager-service-type)
1212 (service wpa-supplicant-service-type) ;needed by NetworkManager
1213 (simple-service 'network-manager-applet
1214 profile-service-type
1215 (list network-manager-applet))
1216 (service modem-manager-service-type)
1217 (service usb-modeswitch-service-type)
1219 ;; The D-Bus clique.
1220 (service avahi-service-type)
1222 (service upower-service-type)
1223 (accountsservice-service)
1224 (service cups-pk-helper-service-type)
1225 (service colord-service-type)
1227 (service polkit-service-type)
1231 (service ntp-service-type)
1233 x11-socket-directory-service
1235 (service pulseaudio-service-type)
1236 (service alsa-service-type)
1240 ;;; desktop.scm ends here