| Message ID | aa1de1b705215a1cf6340c967619419cfa115ca6.1683473235.git.benjamin@uvy.fr |
|---|---|
| State | New |
| Headers |
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org> X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 08FA627BBEB; Mon, 8 May 2023 08:24:19 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 4475527BBEA for <patchwork@mira.cbaines.net>; Mon, 8 May 2023 08:24:18 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from <guix-patches-bounces@gnu.org>) id 1pvvE7-0000Il-Ls; Mon, 08 May 2023 03:24:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pvvE2-0000II-J0 for guix-patches@gnu.org; Mon, 08 May 2023 03:24:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pvvE2-00061A-Ah for guix-patches@gnu.org; Mon, 08 May 2023 03:24:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1pvvE2-0008AU-5s for guix-patches@gnu.org; Mon, 08 May 2023 03:24:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#63357] [PATCH] gnu: swaylock: Add linux-pam to inputs Resent-From: Benjamin <benjamin@uvy.fr> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org> Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 08 May 2023 07:24:02 +0000 Resent-Message-ID: <handler.63357.B.168353062231329@debbugs.gnu.org> Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 63357 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 63357@debbugs.gnu.org Cc: Benjamin <benjamin@uvy.fr> X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.168353062231329 (code B ref -1); Mon, 08 May 2023 07:24:02 +0000 Received: (at submit) by debbugs.gnu.org; 8 May 2023 07:23:42 +0000 Received: from localhost ([127.0.0.1]:39006 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>) id 1pvvDh-000899-TY for submit@debbugs.gnu.org; Mon, 08 May 2023 03:23:42 -0400 Received: from lists.gnu.org ([209.51.188.17]:33518) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <benjamin@uvy.fr>) id 1pvgKm-0002z4-TY for submit@debbugs.gnu.org; Sun, 07 May 2023 11:30:01 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <benjamin@uvy.fr>) id 1pvgKm-0002Fb-H0 for guix-patches@gnu.org; Sun, 07 May 2023 11:30:00 -0400 Received: from mail.uvy.fr ([146.59.197.40]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <benjamin@uvy.fr>) id 1pvgKk-0005Vt-Oj for guix-patches@gnu.org; Sun, 07 May 2023 11:30:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=uvy.fr; s=202105; t=1683473394; bh=6BMLhnwwWCvJwrDu1ZQyAPJQHLzShl1sC7C8pZlbSGs=; h=From:To:Cc:Subject:Date; b=5y9j6vxpTD4/t+8Do5F+SyiUOjQ+lHAZNCiB9wQ928hBiXb2+4w1hRv/G5tU4vUSE JjFW6niHDTAPE0WRH0wfQI2DOn3Esris5ePns33PiEXwhAojqxB7R8S/865xNfo5s3 ERtRkM3cHawpETvd3FTIEqUBHPC5ZYyD8sdRyfI5c9fcH4+oNnTl0i2bzMnmYmIig9 71Nale7MZXasm0bsCO1hwCOBGo+yYMqxqs/JgqdSzu10mxD15fxUvXtBmzg8eL/4do Zn9nr08cAZf5mE6FxUxpRIKGm7pAbGI6Au8oHYsNsQrQvYNPUHytEW72Qndx0XFXs2 MGZ+yAG4UcIJA== From: Benjamin <benjamin@uvy.fr> Date: Sun, 7 May 2023 17:27:15 +0200 Message-Id: <aa1de1b705215a1cf6340c967619419cfa115ca6.1683473235.git.benjamin@uvy.fr> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=146.59.197.40; envelope-from=benjamin@uvy.fr; helo=mail.uvy.fr X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Mon, 08 May 2023 03:23:39 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: <guix-patches.gnu.org> List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=unsubscribe> List-Archive: <https://lists.gnu.org/archive/html/guix-patches> List-Post: <mailto:guix-patches@gnu.org> List-Help: <mailto:guix-patches-request@gnu.org?subject=help> List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>, <mailto:guix-patches-request@gnu.org?subject=subscribe> Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches |
| Series |
[bug#63357] gnu: swaylock: Add linux-pam to inputs
|
|
Commit Message
Benjamin
May 7, 2023, 3:27 p.m. UTC
Adding linux-pam to inputs allows swaylock to run without setuid if configured with a proper pam file. --- gnu/packages/wm.scm | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) base-commit: 7f8575c97a8c112e9f82981b8803d075a82738dd
Comments
Hi, Benjamin <benjamin@uvy.fr> skribis: > Adding linux-pam to inputs allows swaylock to run without setuid if > configured with a proper pam file. > --- > gnu/packages/wm.scm | 4 +--- I tweaked the commit log and applied it. Thanks! Ludo’.
On 2023-05-18 19:54, Ludovic Courtès wrote: > Hi, > > Benjamin <benjamin@uvy.fr> skribis: > >> Adding linux-pam to inputs allows swaylock to run without setuid if >> configured with a proper pam file. >> --- >> gnu/packages/wm.scm | 4 +--- > > I tweaked the commit log and applied it. Thanks! Hey guys! One of our colleagues mentioned that it's a breaking change and swaylock with pam backend will complain if suid is set, so the old setups with (screen-locker-service swaylock) will break after this commit. Do we want to document how to configure pam for swaylock in manual and add a news entry for this change?
Hello, > One of our colleagues mentioned that it's a breaking change and swaylock > with pam backend will complain if suid is set, so the old setups with > (screen-locker-service swaylock) will break after this commit. > > Do we want to document how to configure pam for swaylock in manual and > add a news entry for this change? First of all sorry for the breaking change. I am pretty new to guix and did not know about screen-locker-service. How I managed to make this to work is by setting a custom pam system service : (define-public swaylock-pam-service-type (service-type (name 'swaylock) (extensions (list (service-extension pam-root-service-type (const (list (pam-service (name "swaylock") (auth (list (pam-entry (control "include") (module "greetd")))))))))) (description "Swaylock pam configuration") (default-value '()))) I do not know the policy in case of breaking changes, but if it is easier we can roll back this change maybe ? Best Benjamin
Hi, I would suggest to go forward with fixing screen-locker-service-type. Root cause of issue is explained within the commit message of: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=63652 muradm "Benjamin" <benjamin@uvy.fr> writes: > Hello, > >> One of our colleagues mentioned that it's a breaking change and >> swaylock >> with pam backend will complain if suid is set, so the old >> setups with >> (screen-locker-service swaylock) will break after this commit. >> >> Do we want to document how to configure pam for swaylock in >> manual and >> add a news entry for this change? > > First of all sorry for the breaking change. > > I am pretty new to guix and did not know about > screen-locker-service. > How I managed to make this to work is by setting a custom pam > system > service : > > (define-public swaylock-pam-service-type > (service-type (name 'swaylock) > (extensions (list (service-extension > pam-root-service-type > (const > (list > (pam-service > (name > "swaylock") > (auth > (list > (pam-entry > (control > "include") > (module > "greetd")))))))))) > (description "Swaylock pam configuration") > (default-value '()))) > > I do not know the policy in case of breaking changes, but if it > is > easier we can roll back this change maybe ? > > Best > > Benjamin
diff --git a/gnu/packages/wm.scm b/gnu/packages/wm.scm index fe732e572e..b128b77e6a 100644 --- a/gnu/packages/wm.scm +++ b/gnu/packages/wm.scm @@ -1705,9 +1705,7 @@ (define-public swaylock (sha256 (base32 "03jrjwlwxkcyd6m9a1bbwapasnz7b7aws7h0y6jigjm4m478phv6")))) (build-system meson-build-system) - (inputs (list cairo gdk-pixbuf libxkbcommon - ;("linux-pam" ,linux-pam) ; FIXME: Doesn't work. - wayland)) + (inputs (list cairo gdk-pixbuf libxkbcommon linux-pam wayland)) (native-inputs (list pango pkg-config scdoc wayland-protocols)) (home-page "https://github.com/swaywm/sway") (synopsis "Screen locking utility for Wayland compositors")