[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#61789] [PATCH 10/27] services: base: Deprecate 'pam-limits-service'
From: |
Bruno Victal |
Subject: |
[bug#61789] [PATCH 10/27] services: base: Deprecate 'pam-limits-service' procedure. |
Date: |
Sat, 25 Feb 2023 18:57:56 +0000 |
* doc/guix.texi (Base Services): Replace pam-limits-service with
pam-limits-service-type.
* gnu/packages/benchmark.scm (python-locust)[description]: Update index anchor
to manual.
* gnu/services/base.scm (pam-limits-service-type): Accept both lists and
file-like objects for compatibility.
(pam-limits-service): Deprecate procedure.
---
doc/guix.texi | 18 ++++++++---------
gnu/packages/benchmark.scm | 2 +-
gnu/services/base.scm | 41 +++++++++++++++++++++++++++-----------
3 files changed, 39 insertions(+), 22 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index ec6f2d9c31..f9ca809e47 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -18938,7 +18938,6 @@ Base Services
@end table
@end deftp
-@anchor{pam-limits-service}
@cindex session limits
@cindex ulimit
@cindex priority
@@ -18946,19 +18945,20 @@ Base Services
@cindex jackd
@cindex nofile
@cindex open file descriptors
-@deffn {Scheme Procedure} pam-limits-service [#:limits @code{'()}]
-
-Return a service that installs a configuration file for the
+@anchor{pam-limits-service-type}
+@defvar pam-limits-service-type
+Type of the service that installs a configuration file for the
@uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html,
-@code{pam_limits} module}. The procedure optionally takes a list of
-@code{pam-limits-entry} values, which can be used to specify
+@code{pam_limits} module}. The value for this service type is
+a list of @code{pam-limits-entry} values, which can be used to specify
@code{ulimit} limits and @code{nice} priority limits to user sessions.
+By default, the value is the empty list.
The following limits definition sets two hard and soft limits for all
login sessions of users in the @code{realtime} group:
@lisp
-(pam-limits-service
+(service pam-limits-service-type
(list
(pam-limits-entry "@@realtime" 'both 'rtprio 99)
(pam-limits-entry "@@realtime" 'both 'memlock 'unlimited)))
@@ -18973,7 +18973,7 @@ Base Services
descriptors that can be used:
@lisp
-(pam-limits-service
+(service pam-limits-service-type
(list
(pam-limits-entry "*" 'both 'nofile 100000)))
@end lisp
@@ -18984,7 +18984,7 @@ Base Services
else the users would be prevented from login in. For more information
about the Pluggable Authentication Module (PAM) limits, refer to the
@samp{pam_limits} man page from the @code{linux-pam} package.
-@end deffn
+@end defvar
@defvar greetd-service-type
@uref{https://git.sr.ht/~kennylevinsen/greetd, @code{greetd}} is a minimal and
diff --git a/gnu/packages/benchmark.scm b/gnu/packages/benchmark.scm
index 33e2466da9..fd8513f41d 100644
--- a/gnu/packages/benchmark.scm
+++ b/gnu/packages/benchmark.scm
@@ -458,7 +458,7 @@ (define-public python-locust
Note: Locust will complain if the available open file descriptors limit for
the user is too low. To raise such limit on a Guix System, refer to
-@samp{info guix --index-search=pam-limits-service}.")
+@samp{info guix --index-search=pam-limits-service-type}.")
(license license:expat)))
(define-public interbench
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 1423ab6767..bda38abae3 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -40,7 +40,7 @@
(define-module (gnu services base)
#:use-module (guix store)
#:use-module (guix deprecation)
- #:autoload (guix diagnostics) (warning &fix-hint)
+ #:autoload (guix diagnostics) (warning report-error &fix-hint)
#:autoload (guix i18n) (G_)
#:use-module (guix combinators)
#:use-module (gnu services)
@@ -246,7 +246,7 @@ (define-module (gnu services base)
kmscon-service-type
pam-limits-service-type
- pam-limits-service
+ pam-limits-service ; deprecated
greetd-service-type
greetd-configuration
@@ -1584,17 +1584,13 @@ (define-deprecated (syslog-service #:optional (config
(syslog-configuration)))
(define pam-limits-service-type
- (let ((security-limits
- ;; Create /etc/security containing the provided "limits.conf" file.
- (lambda (limits-file)
- `(("security/limits.conf"
- ,limits-file))))
- (pam-extension
+ (let ((pam-extension
(lambda (pam)
(let ((pam-limits (pam-entry
(control "required")
(module "pam_limits.so")
- (arguments
'("conf=/etc/security/limits.conf")))))
+ (arguments
+ '("conf=/etc/security/limits.conf")))))
(if (member (pam-service-name pam)
'("login" "greetd" "su" "slim" "gdm-password" "sddm"
"sudo" "sshd"))
@@ -1602,7 +1598,26 @@ (define pam-limits-service-type
(inherit pam)
(session (cons pam-limits
(pam-service-session pam))))
- pam)))))
+ pam))))
+
+ ;; XXX: Using file-like objects is deprecated, use lists instead.
+ ;; This is to be reduced into the list? case when the deprecated
+ ;; code gets removed.
+ ;; Create /etc/security containing the provided "limits.conf" file.
+ (security-limits
+ (match-lambda
+ ((? file-like? obj)
+ (warning (G_ "Using file-like value for 'pam-limits-service-type'
+is deprecated~%"))
+ obj)
+ ((? list? lst)
+ `(("security/limits.conf"
+ ,(plain-file "limits.conf"
+ (string-join (map pam-limits-entry->string lst)
+ "\n" 'suffix)))))
+ (_ (report-error
+ (G_ "invalid input for 'pam-limits-service-type'~%"))))))
+
(service-type
(name 'limits)
(extensions
@@ -1612,9 +1627,11 @@ (define pam-limits-service-type
(description
"Install the specified resource usage limits by populating
@file{/etc/security/limits.conf} and using the @code{pam_limits}
-authentication module."))))
+authentication module.")
+ (default-value '()))))
-(define* (pam-limits-service #:optional (limits '()))
+(define-deprecated (pam-limits-service #:optional (limits '()))
+ pam-limits-service-type
"Return a service that makes selected programs respect the list of
pam-limits-entry specified in LIMITS via pam_limits.so."
(service pam-limits-service-type
--
2.39.1
- [bug#61789] [PATCH 00/27] Deprecate old-style services., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 01/27] services: base: Deprecate 'host-name-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 07/27] services: base: Deprecate 'syslog-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 14/27] services: xorg: Deprecate 'screen-locker-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 08/27] services: base: Deprecate 'udev-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 23/27] services: vpn: Deprecate 'openvpn-client-service' & 'openvpn-server-service' procedures., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 02/27] services: base: Deprecate 'login-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 05/27] doc: kmscon-service-type: Use @defvar @-command., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 18/27] services: dbus: Deprecate 'polkit-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 10/27] services: base: Deprecate 'pam-limits-service' procedure.,
Bruno Victal <=
- [bug#61789] [PATCH 26/27] services: dict: Deprecate 'dicod-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 03/27] services: base: Deprecate 'mingetty-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 09/27] services: base: Deprecate 'rngd-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 12/27] services: ssh: Deprecate 'lsh-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 04/27] services: base: Deprecate 'agetty-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 19/27] services: desktop: Deprecate 'udisks-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 11/27] services: tor: Deprecate 'tor-hidden-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 17/27] services: desktop: Deprecate 'accountsservice-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 24/27] services: lirc: Deprecate 'lirc-service' procedure., Bruno Victal, 2023/02/25
- [bug#61789] [PATCH 20/27] services: desktop: Deprecate 'geoclue-service' procedure., Bruno Victal, 2023/02/25