mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-24 16:03:23 +00:00
* Allow jobs to specify groups.
svn path=/nixos/trunk/; revision=8862
This commit is contained in:
parent
1f1db4c48f
commit
4d4387a70e
@ -13,6 +13,7 @@
|
||||
|
||||
gids = {
|
||||
root = 0;
|
||||
haldaemon = 5;
|
||||
users = 100;
|
||||
nixbld = 30000;
|
||||
nogroup = 65534;
|
||||
|
@ -48,20 +48,30 @@ rec {
|
||||
|
||||
# System groups.
|
||||
systemGroups =
|
||||
[
|
||||
{ name = "root";
|
||||
gid = ids.gids.root;
|
||||
}
|
||||
{ name = "nogroup";
|
||||
gid = ids.gids.nogroup;
|
||||
}
|
||||
{ name = "users";
|
||||
gid = ids.gids.users;
|
||||
}
|
||||
{ name = "nixbld";
|
||||
gid = ids.gids.nixbld;
|
||||
}
|
||||
];
|
||||
let
|
||||
jobGroups = pkgs.lib.concatLists (map (job: job.groups) upstartJobs.jobs);
|
||||
|
||||
defaultGroups =
|
||||
[
|
||||
{ name = "root";
|
||||
gid = ids.gids.root;
|
||||
}
|
||||
{ name = "nogroup";
|
||||
gid = ids.gids.nogroup;
|
||||
}
|
||||
{ name = "users";
|
||||
gid = ids.gids.users;
|
||||
}
|
||||
{ name = "nixbld";
|
||||
gid = ids.gids.nixbld;
|
||||
}
|
||||
];
|
||||
|
||||
addAttrs =
|
||||
{ name, gid ? "" }:
|
||||
{ inherit name gid; };
|
||||
|
||||
in map addAttrs (defaultGroups ++ jobGroups);
|
||||
|
||||
|
||||
# Awful hackery necessary to pass the users/groups to the activation script.
|
||||
|
@ -87,7 +87,7 @@ import ../upstart-jobs/gather.nix {
|
||||
|
||||
# Name service cache daemon.
|
||||
(import ../upstart-jobs/nscd.nix {
|
||||
inherit (pkgs) glibc pwdutils;
|
||||
inherit (pkgs) glibc;
|
||||
inherit nssModulesPath;
|
||||
})
|
||||
|
||||
@ -128,7 +128,7 @@ import ../upstart-jobs/gather.nix {
|
||||
# SSH daemon.
|
||||
++ optional ["services" "sshd" "enable"]
|
||||
(import ../upstart-jobs/sshd.nix {
|
||||
inherit (pkgs) writeText openssh glibc pwdutils;
|
||||
inherit (pkgs) writeText openssh glibc;
|
||||
inherit (pkgs.xorg) xauth;
|
||||
inherit nssModulesPath;
|
||||
forwardX11 = config.get ["services" "sshd" "forwardX11"];
|
||||
@ -139,7 +139,7 @@ import ../upstart-jobs/gather.nix {
|
||||
++ optional ["services" "ntp" "enable"]
|
||||
(import ../upstart-jobs/ntpd.nix {
|
||||
inherit modprobe;
|
||||
inherit (pkgs) ntp glibc pwdutils writeText;
|
||||
inherit (pkgs) ntp glibc writeText;
|
||||
servers = config.get ["services" "ntp" "servers"];
|
||||
})
|
||||
|
||||
@ -159,14 +159,14 @@ import ../upstart-jobs/gather.nix {
|
||||
++ optional ["services" "httpd" "enable"]
|
||||
(import ../upstart-jobs/httpd.nix {
|
||||
inherit config pkgs;
|
||||
inherit (pkgs) glibc pwdutils;
|
||||
inherit (pkgs) glibc;
|
||||
})
|
||||
|
||||
# Samba service.
|
||||
++ optional ["services" "samba" "enable"]
|
||||
(import ../upstart-jobs/samba.nix {
|
||||
inherit pkgs;
|
||||
inherit (pkgs) glibc pwdutils samba;
|
||||
inherit (pkgs) glibc samba;
|
||||
})
|
||||
|
||||
# CUPS (printing) daemon.
|
||||
|
@ -1,11 +1,5 @@
|
||||
{stdenv, hal}:
|
||||
|
||||
let
|
||||
|
||||
homeDir = "/var/run/dbus";
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
name = "hal";
|
||||
|
||||
@ -13,7 +7,12 @@ in
|
||||
{ name = "haldaemon";
|
||||
uid = (import ../system/ids.nix).uids.haldaemon;
|
||||
description = "HAL daemon user";
|
||||
# home = homeDir;
|
||||
}
|
||||
];
|
||||
|
||||
groups = [
|
||||
{ name = "haldaemon";
|
||||
gid = (import ../system/ids.nix).gids.haldaemon;
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
{config, pkgs, glibc, pwdutils}:
|
||||
{config, pkgs, glibc}:
|
||||
|
||||
let
|
||||
|
||||
@ -86,6 +86,11 @@ in
|
||||
description = "Apache httpd user";
|
||||
}
|
||||
];
|
||||
|
||||
groups = [
|
||||
{ name = group;
|
||||
}
|
||||
];
|
||||
|
||||
job = "
|
||||
description \"Apache HTTPD\"
|
||||
@ -94,10 +99,6 @@ start on network-interfaces/started
|
||||
stop on network-interfaces/stop
|
||||
|
||||
start script
|
||||
if ! ${glibc}/bin/getent group ${group} > /dev/null; then
|
||||
${pwdutils}/sbin/groupadd ${group}
|
||||
fi
|
||||
|
||||
${webServer}/bin/control prepare
|
||||
end script
|
||||
|
||||
|
@ -22,4 +22,7 @@
|
||||
|
||||
# Allow jobs to declare user accounts that should be created.
|
||||
users = if job ? users then job.users else [];
|
||||
|
||||
# Allow jobs to declare groups that should be created.
|
||||
groups = if job ? groups then job.groups else [];
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
{glibc, pwdutils, nssModulesPath}:
|
||||
{glibc, nssModulesPath}:
|
||||
|
||||
{
|
||||
name = "nscd";
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ntp, modprobe, glibc, pwdutils, writeText, servers}:
|
||||
{ntp, modprobe, glibc, writeText, servers}:
|
||||
|
||||
let
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
{pkgs, samba, glibc, pwdutils}:
|
||||
{pkgs, samba, glibc}:
|
||||
|
||||
let
|
||||
|
||||
@ -17,6 +17,11 @@ in
|
||||
}
|
||||
];
|
||||
|
||||
groups = [
|
||||
{ name = group;
|
||||
}
|
||||
];
|
||||
|
||||
job = "
|
||||
|
||||
description \"Samba Service\"
|
||||
@ -26,10 +31,6 @@ stop on network-interfaces/stop
|
||||
|
||||
start script
|
||||
|
||||
if ! ${glibc}/bin/getent group ${group} > /dev/null; then
|
||||
${pwdutils}/sbin/groupadd ${group}
|
||||
fi
|
||||
|
||||
${samba}/sbin/nmbd -D &
|
||||
${samba}/sbin/smbd -D &
|
||||
${samba}/sbin/winbindd -B &
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ writeText, openssh, glibc, pwdutils, xauth
|
||||
{ writeText, openssh, glibc, xauth
|
||||
, nssModulesPath
|
||||
, forwardX11, allowSFTP
|
||||
}:
|
||||
|
Loading…
Reference in New Issue
Block a user