services: Use system groups where applicable.
* gnu/services/avahi.scm (avahi-service): Add 'system?' field to 'user-group' form. * gnu/services/base.scm (guix-service): Likewise. * gnu/services/dbus.scm (dbus-service): Likewise. * gnu/services/networking.scm (tor-service): Likewise.master
Ludovic Courtès
parent
c8fa34265d
commit
417175096a
|
|
@ -96,7 +96,8 @@ sockets."
|
|||
(mkdir-p "/var/run/avahi-daemon")))
|
||||
|
||||
(user-groups (list (user-group
|
||||
(name "avahi"))))
|
||||
(name "avahi")
|
||||
(system? #t))))
|
||||
(user-accounts (list (user-account
|
||||
(name "avahi")
|
||||
(group "avahi")
|
||||
|
|
|
|||
|
|
@ -472,6 +472,7 @@ passed to @command{guix-daemon}."
|
|||
(user-accounts accounts)
|
||||
(user-groups (list (user-group
|
||||
(name builder-group)
|
||||
(system? #t)
|
||||
|
||||
;; Use a fixed GID so that we can create the
|
||||
;; store with the right owner.
|
||||
|
|
|
|||
|
|
@ -86,7 +86,8 @@ and policy files. For example, to allow avahi-daemon to use the system bus,
|
|||
(string-append "--config-file=" #$conf "/system.conf"))))
|
||||
(stop #~(make-kill-destructor))
|
||||
(user-groups (list (user-group
|
||||
(name "messagebus"))))
|
||||
(name "messagebus")
|
||||
(system? #t))))
|
||||
(user-accounts (list (user-account
|
||||
(name "messagebus")
|
||||
(group "messagebus")
|
||||
|
|
|
|||
|
|
@ -107,7 +107,8 @@ policy) as the @code{tor} unprivileged user."
|
|||
(stop #~(make-kill-destructor))
|
||||
|
||||
(user-groups (list (user-group
|
||||
(name "tor"))))
|
||||
(name "tor")
|
||||
(system? #t))))
|
||||
(user-accounts (list (user-account
|
||||
(name "tor")
|
||||
(group "tor")
|
||||
|
|
|
|||
Reference in New Issue