amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

services: kwallet: New service.

Browse source 
Change-Id: I1330ce5e1648a8ddf6ddd507255a73335d6baa51
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
This commit is contained in:
Sergio Pastor Pérez 2025-05-02 09:49:49 +02:00 committed by Maxim Cournoyer
parent 284c5111db
commit 492bbb9700
No known key found for this signature in database
GPG key ID: 1260E46482E63562
2 changed files with 104 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

41
doc/guix.texi
View file

@ -138,6 +138,7 @@ Copyright @copyright{} 2024 45mg@*
Copyright @copyright{} 2025 Sören Tempel@* Copyright @copyright{} 2025 Sören Tempel@*
Copyright @copyright{} 2025 Rostislav Svoboda@* Copyright @copyright{} 2025 Rostislav Svoboda@*
Copyright @copyright{} 2025 Zacchaeus@* Copyright @copyright{} 2025 Zacchaeus@*
Copyright @copyright{} 2025 Sergio Pastor Pérez@*
Permission is granted to copy, distribute and/or modify this document Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or under the terms of the GNU Free Documentation License, Version 1.3 or
@ -27135,6 +27136,46 @@ and ``passwd'' is with the value @code{passwd}.
@end table @end table
@end deftp @end deftp
@defvar kwallet-service-type
This is the type of the service that adds the
@uref{https://invent.kde.org/plasma/kwallet-pam, KWallet keyring}. Its
value is a @code{kwallet-configuration} object (see below). Note that,
contrary to @code{gnome-desktop-service-type}, which includes the
respective keyring for that service, @code{gnome-keyring-service-type},
@code{plasma-desktop-service-type} does not include
@code{kwallet-service-type}.
This service adds the @code{kwallet-pam} package to the system profile
and extends PAM with entries using @code{pam_kwallet5.so}. It can
unlock the user's login keyring or set their password with
@command{passwd} at the time they log in.
@end defvar
@deftp {Data Type} kwallet-configuration
Configuration record for the KWallet Keyring service.
@table @asis
@item @code{keyring} (default: @code{kwallet-pam})
The KWallet keyring package to use.
@item @code{pam-services}
A list of @code{(@var{service} . @var{kind})} pairs denoting PAM
services to extend, where @var{service} is the name of an existing
service to extend and @var{kind} is one of @code{login} or @code{passwd}
symbols.
If @code{login} is given, it adds an optional
@code{pam_kwallet5.so} to the auth block without arguments and to
the session block with @code{auto_start}. If @code{passwd} is given, it
adds an optional @code{pam_kwallet5.so} to the password block
without arguments.
By default, it takes for value an alist associating the @code{"sddm"}
key with the @code{'login} value, and the @code{"passwd"} key with the
@code{'passwd} value.
@end table
@end deftp
@defvar seatd-service-type @defvar seatd-service-type
@uref{https://sr.ht/~kennylevinsen/seatd/, seatd} is a minimal seat @uref{https://sr.ht/~kennylevinsen/seatd/, seatd} is a minimal seat
management daemon. management daemon.

63
gnu/services/desktop.scm
View file

@ -20,6 +20,7 @@
;;; Copyright © 2024 45mg <45mg.writes@gmail.com> ;;; Copyright © 2024 45mg <45mg.writes@gmail.com>
;;; Copyright © 2024 Raven Hallsby <karl@hallsby.com> ;;; Copyright © 2024 Raven Hallsby <karl@hallsby.com>
;;; Copyright © 2025 Jonathan Brielmaier <jonathan.brielmaier@web.de> ;;; Copyright © 2025 Jonathan Brielmaier <jonathan.brielmaier@web.de>
;;; Copyright © 2025 Sergio Pastor Pérez <sergio.pastorperez@gmail.com>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -197,6 +198,10 @@
gnome-keyring-configuration? gnome-keyring-configuration?
gnome-keyring-service-type gnome-keyring-service-type
kwallet-configuration
kwallet-configuration?
kwallet-service-type
seatd-configuration seatd-configuration
seatd-service-type seatd-service-type
@ -2148,6 +2153,64 @@ profile, and extends dbus with the ability for @code{efl} to generate
thumbnails and privileges the programs which enlightenment needs to function thumbnails and privileges the programs which enlightenment needs to function
as expected."))) as expected.")))
;;;
;;; kwallet-service-type.
;;;
(define-record-type* <kwallet-configuration> kwallet-configuration
make-kwallet-configuration
kwallet-configuration?
(wallet kwallet-package (default kwallet-pam))
(pam-services kwallet-pam-services (default '(("sddm" . login)
("passwd" . passwd)))))
(define (pam-kwallet config)
"Return a PAM extension for KWallet."
(match config
(#f '()) ;explicitly disabled by user
(_
(define (%pam-keyring-entry . arguments)
(pam-entry
(control "optional")
(module (file-append (kwallet-package config)
"/lib/security/pam_kwallet5.so"))
(arguments arguments)))
(list
(pam-extension
(transformer
(lambda (service)
(case (assoc-ref (kwallet-pam-services config)
(pam-service-name service))
((login)
(pam-service
(inherit service)
(auth (append (pam-service-auth service)
(list (%pam-keyring-entry))))
(session (append (pam-service-session service)
(list (%pam-keyring-entry "auto_start"))))))
((passwd)
(pam-service
(inherit service)
(password (append (pam-service-password service)
(list (%pam-keyring-entry))))))
(else service)))))))))
;; TODO: consider integrating service in `<plasma-desktop-configuration>' as
;; done in `<gnome-desktop-configuration>'. This requires rewritting the
;; `<plasma-desktop-service-type>' as done for `<gnome-desktop-service-type>'.
(define kwallet-service-type
(service-type
(name 'kwallet)
(extensions (list
(service-extension pam-root-service-type pam-kwallet)))
(default-value (kwallet-configuration))
(description "Return a service that extends PAM with entries using
@code{pam_kwallet5.so}, unlocking the user's login keyring when they log in or
setting its password with @command{passwd}.")))
;;; ;;;
;;; KDE Plasma desktop service. ;;; KDE Plasma desktop service.
;;; ;;;