branch master updated: services: laminar: Add configuration option for s

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

branch master updated: services: laminar: Add configuration option for s

From:	guix-commits
Subject:	branch master updated: services: laminar: Add configuration option for supplementary groups.
Date:	Thu, 28 Dec 2023 11:03:21 -0500

This is an automated email from the git hooks/post-receive script.

davexunit pushed a commit to branch master
in repository guix.

The following commit(s) were added to refs/heads/master by this push:
     new 7722da6fa5 services: laminar: Add configuration option for 
supplementary groups.
7722da6fa5 is described below

commit 7722da6fa5422c4fec69d6c8b9536c7d6fc3d326
Author: David Thompson <dthompson2@worcester.edu>
AuthorDate: Sun Nov 19 14:46:52 2023 -0500

    services: laminar: Add configuration option for supplementary groups.
    
    * gnu/services/ci (<laminar-configuration>)[supplemental-groups]: New field.
    (laminar-shepherd-service): Exec laminard with supplementary groups.
    (laminar-account): Add supplementary groups to laminar user.
    * doc/guix.texi (Laminar): Document new configuration field.
    
    Change-Id: Iebfdbb58ea8c6dfa22bb8f64f6463e3ad133d2f9
---
 doc/guix.texi       |  3 +++
 gnu/services/ci.scm | 42 ++++++++++++++++++++++++------------------
 2 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index a9a9272c35..bc04bb8150 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -34163,6 +34163,9 @@ The Laminar package to use.
 @item @code{home-directory} (default: @code{"/var/lib/laminar"})
 The directory for job configurations and run directories.
 
+@item @code{supplementary-groups} (default: @code{()})
+Supplementary groups for the Laminar user account.
+
 @item @code{bind-http} (default: @code{"*:8080"})
 The interface/port or unix socket on which laminard should listen for
 incoming connections to the web frontend.
diff --git a/gnu/services/ci.scm b/gnu/services/ci.scm
index 172f85fe8e..01cc7c7d86 100644
--- a/gnu/services/ci.scm
+++ b/gnu/services/ci.scm
@@ -31,6 +31,7 @@
   #:export (laminar-configuration
             laminar-configuration?
             laminar-configuration-home-directory
+            laminar-configuration-supplementary-groups
             laminar-configuration-bind-http
             laminar-configuration-bind-rpc
             laminar-configuration-title
@@ -50,26 +51,28 @@
 (define-record-type* <laminar-configuration>
   laminar-configuration make-laminar-configuration
   laminar-configuration?
-  (laminar          laminars-configuration-laminar
-                    (default laminar))
-  (home-directory   laminar-configuration-home-directory
-                    (default "/var/lib/laminar"))
-  (bind-http        laminar-configuration-bind-http
-                    (default "*:8080"))
-  (bind-rpc         laminar-configuration-bind-rpc
-                    (default "unix-abstract:laminar"))
-  (title            laminar-configuration-title
-                    (default "Laminar"))
-  (keep-rundirs     laminar-keep-rundirs
-                    (default 0))
-  (archive-url      laminar-archive-url
-                    (default #f))
-  (base-url         laminar-base-url
-                    (default #f)))
+  (laminar              laminars-configuration-laminar
+                        (default laminar))
+  (home-directory       laminar-configuration-home-directory
+                        (default "/var/lib/laminar"))
+  (supplementary-groups laminar-configuration-supplementary-groups
+                        (default '()))
+  (bind-http            laminar-configuration-bind-http
+                        (default "*:8080"))
+  (bind-rpc             laminar-configuration-bind-rpc
+                        (default "unix-abstract:laminar"))
+  (title                laminar-configuration-title
+                        (default "Laminar"))
+  (keep-rundirs         laminar-keep-rundirs
+                        (default 0))
+  (archive-url          laminar-archive-url
+                        (default #f))
+  (base-url             laminar-base-url
+                        (default #f)))
 
 (define laminar-shepherd-service
   (match-lambda
-    (($ <laminar-configuration> laminar home-directory
+    (($ <laminar-configuration> laminar home-directory supplementary-groups
                                 bind-http bind-rpc
                                 title keep-rundirs archive-url
                                 base-url)
@@ -102,7 +105,8 @@
                                               #$base-url))
                               '()))
                       #:user "laminar"
-                      #:group "laminar"))
+                      #:group "laminar"
+                      #:supplementary-groups '#$supplementary-groups))
             (stop #~(make-kill-destructor)))))))
 
 (define (laminar-account config)
@@ -113,6 +117,8 @@
         (user-account
          (name "laminar")
          (group "laminar")
+         (supplementary-groups
+          (laminar-configuration-supplementary-groups config))
          (system? #t)
          (comment "Laminar privilege separation user")
          (home-directory (laminar-configuration-home-directory config))

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated: services: laminar: Add configuration option for supplementary groups., guix-commits <=

Prev by Date: branch master updated: gnu: torbrowser: Change version to 13.0.8.
Next by Date: branch mesa-updates updated (bdab356332 -> 92227248a6)
Previous by thread: branch master updated: gnu: torbrowser: Change version to 13.0.8.
Next by thread: branch mesa-updates updated (bdab356332 -> 92227248a6)
Index(es):
- Date
- Thread