From patchwork Thu Jun  8 15:14:35 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
X-Patchwork-Id: 50766
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 7697527BBEA; Thu,  8 Jun 2023 16:18:20 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id BECC627BBEC
	for <patchwork@mira.cbaines.net>; Thu,  8 Jun 2023 16:18:17 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1q7HOu-0003Yn-Mr; Thu, 08 Jun 2023 11:18:12 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOm-0002vP-4o
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:05 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOk-0000c0-9x
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1q7HOk-0002kh-3k
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#63955] [PATCH 1/5] utils: Add insert-before.
References: <20230607171353.8445-1-wurt@wurtshell.com>
In-Reply-To: <20230607171353.8445-1-wurt@wurtshell.com>
Resent-From: wurt@wurtshell.com
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Thu, 08 Jun 2023 15:18:02 +0000
Resent-Message-ID: <handler.63955.B63955.168623743110406@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 63955
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 63955@debbugs.gnu.org
Cc: Carlos =?utf-8?b?RHVyw6FuIERvbcOtbmd1ZXo=?= <wurt@wurtshell.com>
Received: via spool by 63955-submit@debbugs.gnu.org id=B63955.168623743110406
 (code B ref 63955); Thu, 08 Jun 2023 15:18:02 +0000
Received: (at 63955) by debbugs.gnu.org; 8 Jun 2023 15:17:11 +0000
Received: from localhost ([127.0.0.1]:57213 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1q7HNv-0002hj-CQ
 for submit@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:11 -0400
Received: from mail.wurtshell.com ([141.94.77.195]:36076 helo=wurtshell.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wurt@wurtshell.com>) id 1q7HNn-0002gY-LK
 for 63955@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:07 -0400
Received: from localhost.localdomain (unknown
 [IPv6:2a0c:5a80:8000:bb00:e206:e6ff:fe9a:ab42])
 by wurtshell.com (Postfix) with ESMTPSA id E70D1605F3;
 Thu,  8 Jun 2023 15:16:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wurtshell.com;
 s=mail; t=1686237417;
 bh=DZX35Vhh7SLMaIdU+kPsmpOMEsThFpeCMQCUBICz8rk=;
 h=From:To:Cc:Subject:Date:From;
 b=oFvjAPPQpwz8vSNsMJ9TTQ84qpexeGkKq1FPb118HcQSpTqlP+GX/Gok/eWO4XBy4
 5Kpi1ZqB2LTWcQmOngYIXNybynmxryBXt+oXTeGoXZ2si1jEZbN0y9DTBWn82r/w9f
 03qtc8V7kEgV0+RSoqG3WLhDll/jmw2H0RMm/vP18kGVDk0ve1UBKVsap+mmmTfDZQ
 XlEnDffgJVelnO99eIpoM/rbGvWlPSvD2JMaxmd3vrurTIX88EO97g3VE6fEwdxKWy
 /whzg2jHNGwlQsaSOm4qz9na3YvZt+17mVd9Dm1TeHdpJdcOb93tgk6m235597Kl/7
 sGdlZgw+HqezA==
Date: Thu,  8 Jun 2023 17:14:35 +0200
Message-Id: <20230608151438.1280-1-wurt@wurtshell.com>
X-Mailer: git-send-email 2.40.1
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Reply-to: wurt@wurtshell.com
X-ACL-Warn: ,  wurt--- via Guix-patches <guix-patches@gnu.org>
X-Patchwork-Original-From: wurt--- via Guix-patches via <guix-patches@gnu.org>
From: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

From: Carlos Durán Domínguez <wurt@wurtshell.com>
---
 guix/utils.scm | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/guix/utils.scm b/guix/utils.scm
index b9657df292..5773b55116 100644
--- a/guix/utils.scm
+++ b/guix/utils.scm
@@ -17,6 +17,7 @@
 ;;; Copyright © 2022 Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
 ;;; Copyright © 2022 Antero Mejr <antero@mailbox.org>
 ;;; Copyright © 2023 Philip McGrath <philip@philipmcgrath.com>
+;;; Copyright © 2023 Carlos Durán Domínguez <wurt@wurtshell.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -149,7 +150,9 @@ (define-module (guix utils)
             string-distance
             string-closest
 
-            pretty-print-table))
+            pretty-print-table
+
+            insert-before))
 
 
 ;;;
@@ -1128,6 +1131,19 @@ (define* (string-closest trial tests #:key (threshold 3))
            #f +inf.0
            tests)))
 
+
+;;;
+;;; List modification.
+;;;
+
+(define (insert-before pred lst1 lst2)
+  "Return a list appending LST2 just before the first element on LST1 that
+ satisfy the predicate PRED."
+  (cond
+   ((null? lst1) lst2)
+   ((pred (car lst1)) (append lst2 lst1))
+   (else (cons (car lst1) (insert-before pred (cdr lst1) lst2)))))
+
 
 ;;;
 ;;; Prettified output.

From patchwork Thu Jun  8 15:14:36 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
X-Patchwork-Id: 50767
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 02FB027BBE9; Thu,  8 Jun 2023 16:18:21 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED
	autolearn=unavailable autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 910A627BBE2
	for <patchwork@mira.cbaines.net>; Thu,  8 Jun 2023 16:18:16 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1q7HOu-0003TN-HY; Thu, 08 Jun 2023 11:18:12 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOm-0002vd-4n
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:05 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOk-0000bq-IZ
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1q7HOj-0002kZ-Mc
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:01 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#63955] [PATCH 2/5] system: pam: Add pam-gnupg-module?.
Resent-From: wurt@wurtshell.com
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Thu, 08 Jun 2023 15:18:01 +0000
Resent-Message-ID: <handler.63955.B63955.168623742910388@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 63955
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 63955@debbugs.gnu.org
Cc: Carlos =?utf-8?b?RHVyw6FuIERvbcOtbmd1ZXo=?= <wurt@wurtshell.com>
Received: via spool by 63955-submit@debbugs.gnu.org id=B63955.168623742910388
 (code B ref 63955); Thu, 08 Jun 2023 15:18:01 +0000
Received: (at 63955) by debbugs.gnu.org; 8 Jun 2023 15:17:09 +0000
Received: from localhost ([127.0.0.1]:57210 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1q7HNs-0002hN-LF
 for submit@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:09 -0400
Received: from mail.wurtshell.com ([141.94.77.195]:57694 helo=wurtshell.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wurt@wurtshell.com>) id 1q7HNn-0002ga-Vc
 for 63955@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:07 -0400
Received: from localhost.localdomain (unknown
 [IPv6:2a0c:5a80:8000:bb00:e206:e6ff:fe9a:ab42])
 by wurtshell.com (Postfix) with ESMTPSA id 3A50A60AEB;
 Thu,  8 Jun 2023 15:16:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wurtshell.com;
 s=mail; t=1686237418;
 bh=kZCUhng4/pqK5n1bhDEYHvsb+bh5nk1CYSCCR6g9MNw=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=PJhTjkie1m/D04IKABx3GCq+CNok9xTGYfQnkDpONunuOuCbgVujuS6nQwZKPKpfG
 vuZ0lYTMF0kKuWmNodlxF/BX5a76nEl0vHYdJQVNefhHGB/DntQv7qLciFqsITebD8
 SMrqjSX+V0KIbjOOSjvS+V9+jcklNDvggZXv63Hl4pWNCvCFVY76RugSybMd78B6x6
 A56Xh9470+LmWtW/XxpI61oZJfNjX8M/fxvtiAe744MrVeLy6gebwOu98mUCqJ5FFM
 2D7sqg7P3awb7VgPW8Ma0O2QwlGt5yoI2I0yYmOrOqIZlHqZqH0iwPgve/BkYcSapI
 4EhnHN/aJDS+w==
Date: Thu,  8 Jun 2023 17:14:36 +0200
Message-Id: <20230608151438.1280-2-wurt@wurtshell.com>
X-Mailer: git-send-email 2.40.1
In-Reply-To: <20230608151438.1280-1-wurt@wurtshell.com>
References: <20230608151438.1280-1-wurt@wurtshell.com>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Reply-to: wurt@wurtshell.com
X-ACL-Warn: ,  wurt--- via Guix-patches <guix-patches@gnu.org>
X-Patchwork-Original-From: wurt--- via Guix-patches via <guix-patches@gnu.org>
From: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

From: Carlos Durán Domínguez <wurt@wurtshell.com>
---
 gnu/system/pam.scm | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/gnu/system/pam.scm b/gnu/system/pam.scm
index a035a92e25..7198815ad6 100644
--- a/gnu/system/pam.scm
+++ b/gnu/system/pam.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013-2017, 2019-2021 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2023 Josselin Poiret <dev@jpoiret.xyz>
+;;; Copyright © 2023 Carlos Durán Domínguez <wurt@wurtshell.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -64,7 +65,9 @@ (define-module (gnu system pam)
             pam-extension-shepherd-requirements
 
             pam-root-service-type
-            pam-root-service))
+            pam-root-service
+
+            pam-gnupg-module?))
 
 ;;; Commentary:
 ;;;
@@ -454,4 +457,9 @@ (define* (pam-root-service base #:key (transformers '()) (shepherd-requirements
                               (transformers transformers)
                               (shepherd-requirements shepherd-requirements))))
 
+(define (pam-gnupg-module? name)
+  "Return `#t' if NAME is the path to the pam-gnupg module, `#f' otherwise."
+  (equal? (pam-entry-module name)
+          (file-append pam-gnupg "/lib/security/pam_gnupg.so")))
+
 

From patchwork Thu Jun  8 15:14:37 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
X-Patchwork-Id: 50768
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 78E9527BBEA; Thu,  8 Jun 2023 16:18:28 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id CAE0527BBE2
	for <patchwork@mira.cbaines.net>; Thu,  8 Jun 2023 16:18:27 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1q7HOv-0003eC-6m; Thu, 08 Jun 2023 11:18:13 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOm-0002ve-4w
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:05 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOk-0000cO-T6
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1q7HOk-0002ko-H7
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#63955] [PATCH 3/5] services: pam-mount: Fix pam-gnupg
 incompatibility.
Resent-From: wurt@wurtshell.com
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Thu, 08 Jun 2023 15:18:02 +0000
Resent-Message-ID: <handler.63955.B63955.168623743210413@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 63955
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 63955@debbugs.gnu.org
Cc: Carlos =?utf-8?b?RHVyw6FuIERvbcOtbmd1ZXo=?= <wurt@wurtshell.com>
Received: via spool by 63955-submit@debbugs.gnu.org id=B63955.168623743210413
 (code B ref 63955); Thu, 08 Jun 2023 15:18:02 +0000
Received: (at 63955) by debbugs.gnu.org; 8 Jun 2023 15:17:12 +0000
Received: from localhost ([127.0.0.1]:57215 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1q7HNv-0002hn-Of
 for submit@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:12 -0400
Received: from mail.wurtshell.com ([141.94.77.195]:57702 helo=wurtshell.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wurt@wurtshell.com>) id 1q7HNr-0002gl-G3
 for 63955@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:08 -0400
Received: from localhost.localdomain (unknown
 [IPv6:2a0c:5a80:8000:bb00:e206:e6ff:fe9a:ab42])
 by wurtshell.com (Postfix) with ESMTPSA id D058D60AED;
 Thu,  8 Jun 2023 15:17:00 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wurtshell.com;
 s=mail; t=1686237420;
 bh=/7cj1DSNmxrjW/Siyv4bGVo59NS2LtAhHNTSVQqEFlE=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=mI9pxXOc7ELClc+a0HQPBeFxkFmQZa9YxLuUu6hvSrzwrajXGLc5fy2h+P/Atmfbs
 lxCG/OHbynni8GkEYfsi8Xr76QuCZXRpRzs5sZ0aBT6I0eUv+vttp39vSKPybBA4pK
 tExbA0mW9OpWtPRNWncYvEjC99eyIcvCfHWosNw2B7Bc6VAMGMF3fS97CYSuV6cQiP
 BMr2xtspZj+opi7+pmvbKOn7PPopCKw0IzJRZU2fK5WTxltQmamT8cXsoJiDAr5bWo
 7uNO4j3PAqvRG3gQ7gGjyg1jJXl7a28WzLEZb9Et/i4LVfknBZGAJrumug2QrJtceO
 JdsOUf0voeicw==
Date: Thu,  8 Jun 2023 17:14:37 +0200
Message-Id: <20230608151438.1280-3-wurt@wurtshell.com>
X-Mailer: git-send-email 2.40.1
In-Reply-To: <20230608151438.1280-1-wurt@wurtshell.com>
References: <20230608151438.1280-1-wurt@wurtshell.com>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Reply-to: wurt@wurtshell.com
X-ACL-Warn: ,  wurt--- via Guix-patches <guix-patches@gnu.org>
X-Patchwork-Original-From: wurt--- via Guix-patches via <guix-patches@gnu.org>
From: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

From: Carlos Durán Domínguez <wurt@wurtshell.com>
---
 gnu/services/pam-mount.scm | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/gnu/services/pam-mount.scm b/gnu/services/pam-mount.scm
index 21c34ddd61..1900c44a86 100644
--- a/gnu/services/pam-mount.scm
+++ b/gnu/services/pam-mount.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
+;;; Copyright © 2023 Carlos Durán Domínguez <wurt@wurtshell.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -17,6 +18,7 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu services pam-mount)
+  #:use-module (guix utils)
   #:use-module (gnu packages admin)
   #:use-module (gnu services)
   #:use-module (gnu services configuration)
@@ -96,10 +98,12 @@ (module #~(string-append #$pam-mount "/lib/security/pam_mount.so"))))
                    '("login" "greetd" "su" "slim" "gdm-password" "sddm"))
            (pam-service
             (inherit pam)
-            (auth (append (pam-service-auth pam)
-                          (list optional-pam-mount)))
-            (session (append (pam-service-session pam)
-                             (list optional-pam-mount))))
+            (auth (insert-before pam-gnupg-module?
+                                 (pam-service-auth pam)
+                                 (list optional-pam-mount)))
+            (session (insert-before pam-gnupg-module?
+                                    (pam-service-session pam)
+                                    (list optional-pam-mount))))
            pam))))))
 
 (define pam-mount-service-type

From patchwork Thu Jun  8 15:14:38 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
X-Patchwork-Id: 50769
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 3835C27BBE2; Thu,  8 Jun 2023 16:18:31 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 05F2427BBEA
	for <patchwork@mira.cbaines.net>; Thu,  8 Jun 2023 16:18:30 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1q7HOv-0003hS-HQ; Thu, 08 Jun 2023 11:18:13 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOn-0002yz-5h
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:07 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOm-0000eK-4s
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:04 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1q7HOl-0002kv-0T
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:03 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#63955] [PATCH 4/5] services: greetd: Add pam-gnupg support.
Resent-From: wurt@wurtshell.com
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Thu, 08 Jun 2023 15:18:02 +0000
Resent-Message-ID: <handler.63955.B63955.168623743210423@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 63955
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 63955@debbugs.gnu.org
Cc: Carlos =?utf-8?b?RHVyw6FuIERvbcOtbmd1ZXo=?= <wurt@wurtshell.com>
Received: via spool by 63955-submit@debbugs.gnu.org id=B63955.168623743210423
 (code B ref 63955); Thu, 08 Jun 2023 15:18:02 +0000
Received: (at 63955) by debbugs.gnu.org; 8 Jun 2023 15:17:12 +0000
Received: from localhost ([127.0.0.1]:57217 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1q7HNw-0002hz-5h
 for submit@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:12 -0400
Received: from mail.wurtshell.com ([141.94.77.195]:57718 helo=wurtshell.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wurt@wurtshell.com>) id 1q7HNr-0002h0-SG
 for 63955@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:08 -0400
Received: from localhost.localdomain (unknown
 [IPv6:2a0c:5a80:8000:bb00:e206:e6ff:fe9a:ab42])
 by wurtshell.com (Postfix) with ESMTPSA id 19BAD60AEF;
 Thu,  8 Jun 2023 15:17:02 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wurtshell.com;
 s=mail; t=1686237422;
 bh=lFPI8dtCNH6syn3BzU8ysduyY7f6uOefIhxBSprZg8s=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=SyY6vpBDEWfgPYOmM66YHiVsBPM1Xd0bUl4sdwPVR0bfaJhS1fH+riuyqROxYEZ6+
 kiPbHr8bc1Wx6kvzOSzqNexashGvNz2c174IEK05v2UZywg/o4tNcN5JJvn1MQQNXU
 Ww46dbO4b44wE12MZ3DFZo7s+keOwYuks/CIW0wCYYqYfDvvuIx+snYFDu2RXZj/eM
 VXH1SvXZCVWOibeplNX4D6WlDgbsH9DG389W071dbDnpswUCxP5m5ek8DfGzqfj6pE
 Hx7JUk9cy8GlGdVqZB9vijAQ6WvWjgFNhmEls7Mtq0JirMrGIJpr72HJ2Gng1PZETV
 BEbm3B4KhvQyg==
Date: Thu,  8 Jun 2023 17:14:38 +0200
Message-Id: <20230608151438.1280-4-wurt@wurtshell.com>
X-Mailer: git-send-email 2.40.1
In-Reply-To: <20230608151438.1280-1-wurt@wurtshell.com>
References: <20230608151438.1280-1-wurt@wurtshell.com>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Reply-to: wurt@wurtshell.com
X-ACL-Warn: ,  wurt--- via Guix-patches <guix-patches@gnu.org>
X-Patchwork-Original-From: wurt--- via Guix-patches via <guix-patches@gnu.org>
From: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

From: Carlos Durán Domínguez <wurt@wurtshell.com>
---
 doc/guix.texi         |  9 ++++++++
 gnu/services/base.scm | 48 +++++++++++++++++++++++++------------------
 2 files changed, 37 insertions(+), 20 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 01f4e0105f..fe3ae7f2df 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -116,6 +116,7 @@ Copyright @copyright{} 2022 Antero Mejr@*
 Copyright @copyright{} 2023 Karl Hallsby@*
 Copyright @copyright{} 2023 Nathaniel Nicandro@*
 Copyright @copyright{} 2023 Tanguy Le Carrour@*
+Copyright @copyright{} 2023 Carlos Durán Domínguez@*
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU Free Documentation License, Version 1.3 or
@@ -19373,6 +19374,14 @@ A file-like object containing the ``message of the day''.
 Allow empty passwords by default so that first-time users can log in when
 the 'root' account has just been created.
 
+@item @code{gnupg?} (default: @code{#f})
+If enabled, @code{pam-gnupg} will attempt to automatically unlock the
+user's GPG keys with the login password via @code{gpg-agent}.  The
+keygrips of all keys to be unlocked should be written to
+@file{~/.pam-gnupg}, and can be queried with @code{gpg -K
+--with-keygrip}.  Presetting passphrases must be enabled by adding
+@code{allow-preset-passphrase} in @file{~/.gnupg/gpg-agent.conf}.
+
 @item @code{terminals} (default: @code{'()})
 List of @code{greetd-terminal-configuration} per terminal for which
 @code{greetd} should be started.
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index c5b06b57e8..4e93ee4991 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -21,6 +21,7 @@
 ;;; Copyright © 2022 Justin Veilleux <terramorpha@cock.li>
 ;;; Copyright © 2022 ( <paren@disroot.org>
 ;;; Copyright © 2023 Bruno Victal <mirai@makinata.eu>
+;;; Copyright © 2023 Carlos Durán Domínguez <wurt@wurtshell.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -38,6 +39,7 @@
 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
 
 (define-module (gnu services base)
+  #:use-module (guix utils)
   #:use-module (guix store)
   #:use-module (guix deprecation)
   #:autoload   (guix diagnostics) (warning formatted-message &fix-hint)
@@ -3221,6 +3223,7 @@ (define-record-type* <greetd-configuration>
   greetd-configuration?
   (motd greetd-motd (default %default-motd))
   (allow-empty-passwords? greetd-allow-empty-passwords? (default #t))
+  (gnupg? greetd-gnupg? (default #f))
   (terminals greetd-terminals (default '()))
   (greeter-supplementary-groups greetd-greeter-supplementary-groups (default '())))
 
@@ -3259,26 +3262,31 @@ (define optional-pam-mount
      (control "optional")
      (module #~(string-append #$greetd-pam-mount "/lib/security/pam_mount.so"))
      (arguments '("disable_interactive"))))
-
-  (list
-   (unix-pam-service "greetd"
-                     #:login-uid? #t
-                     #:allow-empty-passwords?
-                     (greetd-allow-empty-passwords? config)
-                     #:motd
-                     (greetd-motd config))
-   (pam-extension
-    (transformer
-     (lambda (pam)
-       (if (member (pam-service-name pam)
-                   '("login" "greetd" "su" "slim" "gdm-password"))
-           (pam-service
-            (inherit pam)
-            (auth (append (pam-service-auth pam)
-                          (list optional-pam-mount)))
-            (session (append (pam-service-session pam)
-                             (list optional-pam-mount))))
-           pam))))))
+  (define (optional-pam-mount-transformer pam)
+    (if (member (pam-service-name pam)
+                '("login" "greetd" "su" "slim" "gdm-password"))
+        (pam-service
+         (inherit pam)
+         ;; SLiM could have pam-gnupg module, and pam-mount must be before it.
+         (auth (insert-before pam-gnupg-module?
+                              (pam-service-auth pam)
+                              (list optional-pam-mount)))
+         (session (insert-before pam-gnupg-module?
+                                 (pam-service-session pam)
+                                 (list optional-pam-mount))))
+        pam))
+
+  (list (unix-pam-service "greetd"
+                          #:login-uid? #t
+                          #:allow-empty-passwords?
+                          (greetd-allow-empty-passwords? config)
+                          #:gnupg?
+                          (greetd-gnupg? config)
+                          #:motd
+                          (greetd-motd config))
+        (pam-extension
+         (transformer
+          optional-pam-mount-transformer))))
 
 (define (greetd-shepherd-services config)
   (map

From patchwork Thu Jun  8 15:14:39 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
X-Patchwork-Id: 50765
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id DDF3B27BBE9; Thu,  8 Jun 2023 16:18:19 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 93EBB27BBEA
	for <patchwork@mira.cbaines.net>; Thu,  8 Jun 2023 16:18:16 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1q7HOv-0003dE-12; Thu, 08 Jun 2023 11:18:13 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOn-0002zG-5v
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:07 -0400
Received: from debbugs.gnu.org ([209.51.188.43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1q7HOl-0000e6-Ik
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:04 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1q7HOl-0002l2-CM
 for guix-patches@gnu.org; Thu, 08 Jun 2023 11:18:03 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#63955] [PATCH 5/5] system: pam: Fix unix pam module order.
Resent-From: wurt@wurtshell.com
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Thu, 08 Jun 2023 15:18:03 +0000
Resent-Message-ID: <handler.63955.B63955.168623743310432@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 63955
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 63955@debbugs.gnu.org
Cc: Carlos =?utf-8?b?RHVyw6FuIERvbcOtbmd1ZXo=?= <wurt@wurtshell.com>
Received: via spool by 63955-submit@debbugs.gnu.org id=B63955.168623743310432
 (code B ref 63955); Thu, 08 Jun 2023 15:18:03 +0000
Received: (at 63955) by debbugs.gnu.org; 8 Jun 2023 15:17:13 +0000
Received: from localhost ([127.0.0.1]:57219 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1q7HNw-0002i4-Oa
 for submit@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:13 -0400
Received: from mail.wurtshell.com ([141.94.77.195]:57720 helo=wurtshell.com)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <wurt@wurtshell.com>) id 1q7HNs-0002h2-QI
 for 63955@debbugs.gnu.org; Thu, 08 Jun 2023 11:17:09 -0400
Received: from localhost.localdomain (unknown
 [IPv6:2a0c:5a80:8000:bb00:e206:e6ff:fe9a:ab42])
 by wurtshell.com (Postfix) with ESMTPSA id 3E42C60AF1;
 Thu,  8 Jun 2023 15:17:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wurtshell.com;
 s=mail; t=1686237423;
 bh=8GN45o87lBBGr9OwxgbCYM7vIwKWu9mvx5xP7nEZWmo=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=WO5+78q00LYPSfIRTmPlCWbx0Njp0o3oQe/pRSU7dC37jQz3BPc71YoWRidBv46m6
 /WEF7g6FqmN8Q72N5s8FwIW3KkOl0MBIkSGlD/gW2y9AD0BQkZkI/fa8A+ciqX4QVW
 3G2sjOFkvzfhXM7Z6bM3mzgzAT0YZGM62CycmGvJelDuL9TUO1G0zsjLUuKYK8EAzL
 oEsTZuwSSKQfcHW3mbNCoz6cWk/ZDrt5FCbe/uxtQR0DSH95si6gdXxhC56GPqKhIm
 ilD/wTQLX6RZQlIe/fbmX/l07l/ZnqNbB4ecWx5SDHtFlDNCnglFMUXC8j1e7NucZj
 fxPQ89SYP+ltQ==
Date: Thu,  8 Jun 2023 17:14:39 +0200
Message-Id: <20230608151438.1280-5-wurt@wurtshell.com>
X-Mailer: git-send-email 2.40.1
In-Reply-To: <20230608151438.1280-1-wurt@wurtshell.com>
References: <20230608151438.1280-1-wurt@wurtshell.com>
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Reply-to: wurt@wurtshell.com
X-ACL-Warn: ,  wurt--- via Guix-patches <guix-patches@gnu.org>
X-Patchwork-Original-From: wurt--- via Guix-patches via <guix-patches@gnu.org>
From: sirgazil--- via Guix-patches via <guix-patches@gnu.org>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

From: Carlos Durán Domínguez <wurt@wurtshell.com>
---
 gnu/system/pam.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/system/pam.scm b/gnu/system/pam.scm
index 7198815ad6..5db195b72e 100644
--- a/gnu/system/pam.scm
+++ b/gnu/system/pam.scm
@@ -267,12 +267,12 @@ (module "pam_motd.so")
                                (control "required")
                                (module "pam_loginuid.so")))
                         '())
+                  ,env ,unix
                   ,@(if gnupg?
                         (list (pam-entry
                                (control "required")
                                (module (file-append pam-gnupg "/lib/security/pam_gnupg.so"))))
-                        '())
-                  ,env ,unix))))))
+                        '())))))))
 
 (define (rootok-pam-service command)
   "Return a PAM service for COMMAND such that 'root' does not need to