02/06: services: pam-limits: Keep 'limits.conf' in the store.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/06: services: pam-limits: Keep 'limits.conf' in the store.

From:	guix-commits
Subject:	02/06: services: pam-limits: Keep 'limits.conf' in the store.
Date:	Tue, 15 Aug 2023 17:40:10 -0400 (EDT)

civodul pushed a commit to branch master
in repository guix.

commit 20c51c1d2ce8fd4b32203343c3afbfe2622a22d7
Author: Felix Lechner <felix.lechner@lease-up.com>
AuthorDate: Fri May 12 11:52:48 2023 -0700

    services: pam-limits: Keep 'limits.conf' in the store.
    
    * gnu/services/base.scm (pam-limits-service-type)[pam-extension]: Wrap
    into a 'lambda' that takes 'limits-file'.  Pass that in the <pam-entry>
    'arguments' field.  Define 'make-limits-file' and use it.
    Remove ETC-SERVICE-TYPE extension.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>
---
 gnu/services/base.scm | 63 ++++++++++++++++++++++++---------------------------
 1 file changed, 30 insertions(+), 33 deletions(-)

diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 492cf8a693..b557af24af 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -1603,38 +1603,36 @@ information on the configuration file syntax."
 
 (define pam-limits-service-type
   (let ((pam-extension
-         (pam-extension
-          (transformer
-           (lambda (pam)
-             (let ((pam-limits (pam-entry
-                                (control "required")
-                                (module "pam_limits.so")
-                                (arguments
-                                 '("conf=/etc/security/limits.conf")))))
-               (if (member (pam-service-name pam)
-                           '("login" "greetd" "su" "slim" "gdm-password"
-                             "sddm" "sudo" "sshd" "lightdm"))
-                   (pam-service
-                    (inherit pam)
-                    (session (cons pam-limits
-                                   (pam-service-session pam))))
-                   pam))))))
-
-        ;; XXX: Using file-like objects is deprecated, use lists instead.
-        ;;      This is to be reduced into the list? case when the deprecated
-        ;;      code gets removed.
-        ;; Create /etc/security containing the provided "limits.conf" file.
-        (security-limits
+         (lambda (limits-file)
+           (pam-extension
+            (transformer
+             (lambda (pam)
+               (let ((pam-limits (pam-entry
+                                  (control "required")
+                                  (module "pam_limits.so")
+                                  (arguments
+                                   (list #~(string-append "conf=" 
#$limits-file))))))
+                 (if (member (pam-service-name pam)
+                             '("login" "greetd" "su" "slim" "gdm-password"
+                               "sddm" "lightdm" "sudo" "sshd"))
+                     (pam-service
+                      (inherit pam)
+                      (session (cons pam-limits
+                                     (pam-service-session pam))))
+                     pam)))))))
+        (make-limits-file
          (match-lambda
+           ;; XXX: Using file-like objects is deprecated, use lists instead.
+           ;;      This is to be reduced into the list? case when the 
deprecated
+           ;;      code gets removed.
            ((? file-like? obj)
             (warning (G_ "Using file-like value for \
 'pam-limits-service-type' is deprecated~%"))
-            `(("security/limits.conf" ,obj)))
+            obj)
            ((? list? lst)
-            `(("security/limits.conf"
-               ,(plain-file "limits.conf"
-                            (string-join (map pam-limits-entry->string lst)
-                                         "\n" 'suffix)))))
+            (plain-file "limits.conf"
+                        (string-join (map pam-limits-entry->string lst)
+                                     "\n" 'suffix)))
            (_ (raise
                (formatted-message
                 (G_ "invalid input for 'pam-limits-service-type'~%")))))))
@@ -1642,13 +1640,12 @@ information on the configuration file syntax."
     (service-type
      (name 'limits)
      (extensions
-      (list (service-extension etc-service-type security-limits)
-            (service-extension pam-root-service-type
-                               (lambda _ (list pam-extension)))))
+      (list (service-extension pam-root-service-type
+                               (lambda (config)
+                                 (list (pam-extension (make-limits-file 
config)))))))
      (description
-      "Install the specified resource usage limits by populating
-@file{/etc/security/limits.conf} and using the @code{pam_limits}
-authentication module.")
+      "Use the @code{pam_limits} authentication module to set the specified
+resource usage limits.")
      (default-value '()))))
 
 (define-deprecated (pam-limits-service #:optional (limits '()))

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (6eb0070f08 -> 880ada0bdb), guix-commits, 2023/08/15
- 06/06: gnu: Move stalonetray to (gnu packages xdisorg)., guix-commits, 2023/08/15
- 05/06: gnu: stalonetray: Update to 0.8.5., guix-commits, 2023/08/15
- 04/06: services: Add cachefilesd service., guix-commits, 2023/08/15
- 01/06: tests: pam-limits: Confirm actual ulimits are installed., guix-commits, 2023/08/15
- 03/06: services: Use more 'file-append'., guix-commits, 2023/08/15
- 02/06: services: pam-limits: Keep 'limits.conf' in the store., guix-commits <=

Prev by Date: 03/06: services: Use more 'file-append'.
Next by Date: branch qt-updates deleted (was 85bdd2cf91)
Previous by thread: 03/06: services: Use more 'file-append'.
Next by thread: branch qt-updates deleted (was 85bdd2cf91)
Index(es):
- Date
- Thread