guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Enabling PAM support or not only..

From: Maxim Cournoyer
Subject: Re: Enabling PAM support or not only..
Date: Wed, 24 May 2023 12:01:49 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) 
Hi Muradm,

muradm <mail@muradm.net> writes:

[...]

> core-updates merging commit 3bacd3c76a added linux-pam to cups
> package. Resulting in https://issues.guix.gnu.org/issue/63198.
> While switching cups-service-type's default package from cups
> to cups-minimal solves authentication issue, it however
> broke ipptool printer finder tool. When PAM support is
> compiled in, it does not work without proper PAM entry.
>
> While workaround could be as simple as:
>
> +(simple-service
> + 'cups-pam-service
> + pam-root-service-type
> + (list (unix-pam-service "cups" #:allow-empty-passwords? #f)))
>
>
> Total solution could be:
> https://issues.guix.gnu.org/issue/63198#4

Now applied, thanks.

>
> swaylock with screen-locker-service-type:
>
> commit 146bae3979 added linux-pam to swaylock package. Resulting
> in https://issues.guix.gnu.org/issue/63357#2.
>
> While workaround could be as simple as:
>
> -(service screen-locker-service-type
> -         (screen-locker-configuration
> -          "swaylock" (file-append swaylock "/bin/swaylock") 
>            #f)))))
> +(simple-service
> + 'cups-pam-service
> + pam-root-service-type
> + (list (unix-pam-service "cups" #:allow-empty-passwords? #f)))
>
> Detailed explanation with total solution is provided in
> https://issues.guix.gnu.org/issue/63652.
>
>
> The following coming afterwards to my mind:
>
> GUIX at first is package manager, so there are a lot of them,
> but of two types:
>   - BOUND - ones referenced from (gnu system) (gnu services)
>   - FREE-STANDING - ones not referenced

I don't know about swaylock, but for CUPS, the change was strictly
required; you can't build the full CUPS without PAM anymore, I think.  I
had tried as a possible solution to the PAM problems.

So the distinction between bound and free-standing in this context is
not very useful (when the changes are forced by upstream rather than
chosen by the contributors).  What would be useful though is increasing
our test coverage to catch these issues.

-- 
Thanks,
Maxim
reply via email to
[Prev in Thread] Current Thread [Next in Thread]