public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nixpkgs/modules/services/scheduling/atd.nix
Eelco Dolstra dba1d48b78 * Move the uid/gid mappings into a module. This allows other modules 
to use it through config.ids.{uids,gids} rather than `import
  relative-path/ids.nix'.

svn path=/nixos/branches/modular-nixos/; revision=15796
2009-05-29 14:25:56 +00:00

141 lines
2.6 KiB
Nix
Raw Blame History

{pkgs, config, ...}:
###### interface
let
inherit (pkgs.lib) mkOption;
options = {
services = {
atd = {
enable = mkOption {
default = true;
description = ''
Whether to enable the `at' daemon, a command scheduler.
'';
};
allowEveryone = mkOption {
default = false;
description = ''
Whether to make /var/spool/at{jobs,spool} writeable
by everyone (and sticky). This is normally not needed since
the `at' commands are setuid/setgid `atd'.
'';
};
};
};
};
in
###### implementation
let
cfg = config.services.atd;
inherit (pkgs.lib) mkIf;
inherit (pkgs) at;
user = {
name = "atd";
uid = config.ids.uids.atd;
description = "atd user";
home = "/var/empty";
};
group = {
name = "atd";
gid = config.ids.gids.atd;
};
job = ''
description "at daemon (atd)"
start on startup
stop on shutdown
start script
# Snippets taken and adapted from the original `install' rule of
# the makefile.
# We assume these values are those actually used in Nixpkgs for
# `at'.
spooldir=/var/spool/atspool
jobdir=/var/spool/atjobs
etcdir=/etc/at
for dir in "$spooldir" "$jobdir" "$etcdir"
do
if [ ! -d "$dir" ]
then
mkdir -p "$dir" && chown atd:atd "$dir"
fi
done
chmod 1770 "$spooldir" "$jobdir"
${if cfg.allowEveryone then ''chmod a+rwxt "$spooldir" "$jobdir" '' else ""}
if [ ! -f "$etcdir"/at.deny ]
then
touch "$etcdir"/at.deny && \
chown root:atd "$etcdir"/at.deny && \
chmod 640 "$etcdir"/at.deny
fi
if [ ! -f "$jobdir"/.SEQ ]
then
touch "$jobdir"/.SEQ && \
chown atd:atd "$jobdir"/.SEQ && \
chmod 600 "$jobdir"/.SEQ
fi
end script
respawn ${at}/sbin/atd
'';
in
mkIf cfg.enable {
require = [
options
# config.services.extraJobs
#../upstart-jobs/default.nix
# config.environment.etc
#../etc/default.nix
# users.*
#../system/users-groups.nix
# ? # config.environment.extraPackages
# ? # config.security.extraSetuidPrograms
];
security = {
setuidOwners = map (program: {
inherit program;
owner = "atd";
group = "atd";
setuid = true;
setgid = true;
}) [ "at" "atq" "atrm" ];
};
environment = {
extraPackages = [ at ];
etc = [{
source = ./atd.pam;
target = "pam.d/atd";
}];
};
users = {
extraUsers = [user];
extraGroups = [group];
};
services = {
extraJobs = [{
name = "atd";
inherit job;
}];
};
}
Reference in New Issue View Git Blame Copy Permalink