Message ID | aa1de1b705215a1cf6340c967619419cfa115ca6.1683473235.git.benjamin@uvy.fr |
---|---|
State | New |
Headers | show |
Series | [bug#63357] gnu: swaylock: Add linux-pam to inputs | expand |
Hi, Benjamin <benjamin@uvy.fr> skribis: > Adding linux-pam to inputs allows swaylock to run without setuid if > configured with a proper pam file. > --- > gnu/packages/wm.scm | 4 +--- I tweaked the commit log and applied it. Thanks! Ludo’.
On 2023-05-18 19:54, Ludovic Courtès wrote: > Hi, > > Benjamin <benjamin@uvy.fr> skribis: > >> Adding linux-pam to inputs allows swaylock to run without setuid if >> configured with a proper pam file. >> --- >> gnu/packages/wm.scm | 4 +--- > > I tweaked the commit log and applied it. Thanks! Hey guys! One of our colleagues mentioned that it's a breaking change and swaylock with pam backend will complain if suid is set, so the old setups with (screen-locker-service swaylock) will break after this commit. Do we want to document how to configure pam for swaylock in manual and add a news entry for this change?
Hello, > One of our colleagues mentioned that it's a breaking change and swaylock > with pam backend will complain if suid is set, so the old setups with > (screen-locker-service swaylock) will break after this commit. > > Do we want to document how to configure pam for swaylock in manual and > add a news entry for this change? First of all sorry for the breaking change. I am pretty new to guix and did not know about screen-locker-service. How I managed to make this to work is by setting a custom pam system service : (define-public swaylock-pam-service-type (service-type (name 'swaylock) (extensions (list (service-extension pam-root-service-type (const (list (pam-service (name "swaylock") (auth (list (pam-entry (control "include") (module "greetd")))))))))) (description "Swaylock pam configuration") (default-value '()))) I do not know the policy in case of breaking changes, but if it is easier we can roll back this change maybe ? Best Benjamin
Hi, I would suggest to go forward with fixing screen-locker-service-type. Root cause of issue is explained within the commit message of: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=63652 muradm "Benjamin" <benjamin@uvy.fr> writes: > Hello, > >> One of our colleagues mentioned that it's a breaking change and >> swaylock >> with pam backend will complain if suid is set, so the old >> setups with >> (screen-locker-service swaylock) will break after this commit. >> >> Do we want to document how to configure pam for swaylock in >> manual and >> add a news entry for this change? > > First of all sorry for the breaking change. > > I am pretty new to guix and did not know about > screen-locker-service. > How I managed to make this to work is by setting a custom pam > system > service : > > (define-public swaylock-pam-service-type > (service-type (name 'swaylock) > (extensions (list (service-extension > pam-root-service-type > (const > (list > (pam-service > (name > "swaylock") > (auth > (list > (pam-entry > (control > "include") > (module > "greetd")))))))))) > (description "Swaylock pam configuration") > (default-value '()))) > > I do not know the policy in case of breaking changes, but if it > is > easier we can roll back this change maybe ? > > Best > > Benjamin
diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm index fe732e572e..b128b77e6a 100644 --- a/gnu/packages/wm.scm +++ b/gnu/packages/wm.scm @@ -1705,9 +1705,7 @@ (define-public swaylock (sha256 (base32 "03jrjwlwxkcyd6m9a1bbwapasnz7b7aws7h0y6jigjm4m478phv6")))) (build-system meson-build-system) - (inputs (list cairo gdk-pixbuf libxkbcommon - ;("linux-pam" ,linux-pam) ; FIXME: Doesn't work. - wayland)) + (inputs (list cairo gdk-pixbuf libxkbcommon linux-pam wayland)) (native-inputs (list pango pkg-config scdoc wayland-protocols)) (home-page "https://github.com/swaywm/sway") (synopsis "Screen locking utility for Wayland compositors")