* Allow jobs to specify groups.

svn path=/nixos/trunk/; revision=8862
Eelco Dolstra 2007-06-10 20:13:12 +00:00
parent 1f1db4c48f
commit 4d4387a70e
10 changed files with 54 additions and 39 deletions


@ -13,6 +13,7 @@
gids = { gids = {
root = 0; root = 0;
haldaemon = 5;
users = 100; users = 100;
nixbld = 30000; nixbld = 30000;
nogroup = 65534; nogroup = 65534;


@ -48,20 +48,30 @@ rec {
# System groups. # System groups.
systemGroups = systemGroups =
[ let
{ name = "root"; jobGroups = pkgs.lib.concatLists (map (job: job.groups) upstartJobs.jobs);
gid = ids.gids.root;
} defaultGroups =
{ name = "nogroup"; [
gid = ids.gids.nogroup; { name = "root";
} gid = ids.gids.root;
{ name = "users"; }
gid = ids.gids.users; { name = "nogroup";
} gid = ids.gids.nogroup;
{ name = "nixbld"; }
gid = ids.gids.nixbld; { name = "users";
} gid = ids.gids.users;
]; }
{ name = "nixbld";
gid = ids.gids.nixbld;
}
];
addAttrs =
{ name, gid ? "" }:
{ inherit name gid; };
in map addAttrs (defaultGroups ++ jobGroups);
# Awful hackery necessary to pass the users/groups to the activation script. # Awful hackery necessary to pass the users/groups to the activation script.
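Review bot: `defaultGroups ++ jobGroups` is mapped straight into `systemGroups` with no check for duplicate names or gids, so a job that declares a group named `root` or `users`, or reuses a gid such as `ids.gids.root`, becomes a second entry competing with the built-in one. How the activation script resolves such a clash is not visible here, so the list should be made unambiguous before it is passed on: reject or drop job groups whose `name` matches a default group, and deduplicate by name so two jobs declaring the same group yield one entry. The `gid ? ""` default in `addAttrs` also deserves a comment, for example `# gid omitted: passed on as "", the activation script is expected to allocate one (confirm)`. The `rec { ... }` that contains this binding starts and ends outside the hunk.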


@ -87,7 +87,7 @@ import ../upstart-jobs/gather.nix {
# Name service cache daemon. # Name service cache daemon.
(import ../upstart-jobs/nscd.nix { (import ../upstart-jobs/nscd.nix {
inherit (pkgs) glibc pwdutils; inherit (pkgs) glibc;
inherit nssModulesPath; inherit nssModulesPath;
}) })
@ -128,7 +128,7 @@ import ../upstart-jobs/gather.nix {
# SSH daemon. # SSH daemon.
++ optional ["services" "sshd" "enable"] ++ optional ["services" "sshd" "enable"]
(import ../upstart-jobs/sshd.nix { (import ../upstart-jobs/sshd.nix {
inherit (pkgs) writeText openssh glibc pwdutils; inherit (pkgs) writeText openssh glibc;
inherit (pkgs.xorg) xauth; inherit (pkgs.xorg) xauth;
inherit nssModulesPath; inherit nssModulesPath;
forwardX11 = config.get ["services" "sshd" "forwardX11"]; forwardX11 = config.get ["services" "sshd" "forwardX11"];
@ -139,7 +139,7 @@ import ../upstart-jobs/gather.nix {
++ optional ["services" "ntp" "enable"] ++ optional ["services" "ntp" "enable"]
(import ../upstart-jobs/ntpd.nix { (import ../upstart-jobs/ntpd.nix {
inherit modprobe; inherit modprobe;
inherit (pkgs) ntp glibc pwdutils writeText; inherit (pkgs) ntp glibc writeText;
servers = config.get ["services" "ntp" "servers"]; servers = config.get ["services" "ntp" "servers"];
}) })
@ -159,14 +159,14 @@ import ../upstart-jobs/gather.nix {
++ optional ["services" "httpd" "enable"] ++ optional ["services" "httpd" "enable"]
(import ../upstart-jobs/httpd.nix { (import ../upstart-jobs/httpd.nix {
inherit config pkgs; inherit config pkgs;
inherit (pkgs) glibc pwdutils; inherit (pkgs) glibc;
}) })
# Samba service. # Samba service.
++ optional ["services" "samba" "enable"] ++ optional ["services" "samba" "enable"]
(import ../upstart-jobs/samba.nix { (import ../upstart-jobs/samba.nix {
inherit pkgs; inherit pkgs;
inherit (pkgs) glibc pwdutils samba; inherit (pkgs) glibc samba;
}) })
# CUPS (printing) daemon. # CUPS (printing) daemon.


@ -1,11 +1,5 @@
{stdenv, hal}: {stdenv, hal}:
let
homeDir = "/var/run/dbus";
in
{ {
name = "hal"; name = "hal";
@ -13,7 +7,12 @@ in
{ name = "haldaemon"; { name = "haldaemon";
uid = (import ../system/ids.nix).uids.haldaemon; uid = (import ../system/ids.nix).uids.haldaemon;
description = "HAL daemon user"; description = "HAL daemon user";
# home = homeDir; }
];
groups = [
{ name = "haldaemon";
gid = (import ../system/ids.nix).gids.haldaemon;
} }
]; ];


@ -1,4 +1,4 @@
{config, pkgs, glibc, pwdutils}: {config, pkgs, glibc}:
let let
@ -86,6 +86,11 @@ in
description = "Apache httpd user"; description = "Apache httpd user";
} }
]; ];
groups = [
{ name = group;
}
];
job = " job = "
description \"Apache HTTPD\" description \"Apache HTTPD\"
@ -94,10 +99,6 @@ start on network-interfaces/started
stop on network-interfaces/stop stop on network-interfaces/stop
start script start script
if ! ${glibc}/bin/getent group ${group} > /dev/null; then
${pwdutils}/sbin/groupadd ${group}
fi
${webServer}/bin/control prepare ${webServer}/bin/control prepare
end script end script
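Review bot: The new `groups = [ { name = group; } ]` entry gives no `gid`, so the group gets whatever the consumer does with the empty default, and its gid can differ between machines or after a reinstall. Files owned by that group on shared or restored storage would then map to a different group. The hal job in this commit pins its gid through `ids.nix`; the same could be done here with `gid = (import ../system/ids.nix).gids.httpd;` plus a matching new entry in `ids.nix` (`group` is defined outside the hunk, so this fits only if it is a fixed name). The `groups` entry added for Samba has the same gap. Because the start script no longer runs `getent`/`groupadd`, the job now relies on the activation step having created the group before it starts; a comment next to `groups` saying so would help.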


@ -22,4 +22,7 @@
# Allow jobs to declare user accounts that should be created. # Allow jobs to declare user accounts that should be created.
users = if job ? users then job.users else []; users = if job ? users then job.users else [];
# Allow jobs to declare groups that should be created.
groups = if job ? groups then job.groups else [];
} }


@ -1,4 +1,4 @@
{glibc, pwdutils, nssModulesPath}: {glibc, nssModulesPath}:
{ {
name = "nscd"; name = "nscd";


@ -1,4 +1,4 @@
{ntp, modprobe, glibc, pwdutils, writeText, servers}: {ntp, modprobe, glibc, writeText, servers}:
let let


@ -1,4 +1,4 @@
{pkgs, samba, glibc, pwdutils}: {pkgs, samba, glibc}:
let let
@ -17,6 +17,11 @@ in
} }
]; ];
groups = [
{ name = group;
}
];
job = " job = "
description \"Samba Service\" description \"Samba Service\"
@ -26,10 +31,6 @@ stop on network-interfaces/stop
start script start script
if ! ${glibc}/bin/getent group ${group} > /dev/null; then
${pwdutils}/sbin/groupadd ${group}
fi
${samba}/sbin/nmbd -D & ${samba}/sbin/nmbd -D &
${samba}/sbin/smbd -D & ${samba}/sbin/smbd -D &
${samba}/sbin/winbindd -B & ${samba}/sbin/winbindd -B &


@ -1,4 +1,4 @@
{ writeText, openssh, glibc, pwdutils, xauth { writeText, openssh, glibc, xauth
, nssModulesPath , nssModulesPath
, forwardX11, allowSFTP , forwardX11, allowSFTP
}: }: