diff options
author | Ludovic Courtès <ludo@gnu.org> | 2019-09-20 21:33:22 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2019-09-21 16:48:36 +0200 |
commit | a43e9157ef479e94c19951cc9d228cf153bf78ee (patch) | |
tree | 479de4bd93b70ddbb557a2cb9d9dda2970a46fe7 /gnu | |
parent | 5122209dde63ba369f3af2becd00cbbc3fd0d6f5 (diff) |
services: gdm: Ensure /var/lib/gdm is owned by "gdm".
Fixes <https://bugs.gnu.org/37423>.
Reported by Jan <tona_kosmicznego_smiecia@interia.pl>.
* gnu/services/xorg.scm (%gdm-activation): New variable.
(gdm-service-type)[extensions]: Add 'activation-service-type'.
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/services/xorg.scm | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/gnu/services/xorg.scm b/gnu/services/xorg.scm index 06d72b5f60..1d55e388a1 100644 --- a/gnu/services/xorg.scm +++ b/gnu/services/xorg.scm @@ -773,6 +773,27 @@ the GNOME desktop environment.") (home-directory "/var/lib/gdm") (shell (file-append shadow "/sbin/nologin"))))) +(define %gdm-activation + ;; Ensure /var/lib/gdm is owned by the "gdm" user. This is normally the + ;; case but could be wrong if the "gdm" user was created, then removed, and + ;; then recreated under a different UID/GID: <https://bugs.gnu.org/37423>. + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + + (let* ((gdm (getpwnam "gdm")) + (uid (passwd:uid gdm)) + (gid (passwd:gid gdm)) + (st (stat "/var/lib/gdm" #f))) + ;; Recurse into /var/lib/gdm only if it has wrong ownership. + (when (and st + (or (not (= uid (stat:uid st))) + (not (= gid (stat:gid st))))) + (for-each (lambda (file) + (chown file uid gid)) + (find-files "/var/lib/gdm" + #:directories? #t))))))) + (define dbus-daemon-wrapper (program-file "gdm-dbus-wrapper" @@ -915,6 +936,8 @@ the GNOME desktop environment.") (extensions (list (service-extension shepherd-root-service-type gdm-shepherd-service) + (service-extension activation-service-type + (const %gdm-activation)) (service-extension account-service-type (const %gdm-accounts)) (service-extension pam-root-service-type |