services: Use 'file-append' for user account shells.
* gnu/services/cuirass.scm (cuirass-account): Use 'file-append' instead of #~(string-append #$shadow "/sbin/nologin"). * gnu/services/monitoring.scm (zabbix-server-account): Likewise. (zabbix-agent-account): Likewise. * gnu/services/rsync.scm (rsync-account): Likewise. * gnu/services/ssh.scm (%openssh-accounts): Likewise.master
parent
8bb76f3d44
commit
56a93cb975
|
@ -1,6 +1,6 @@
|
||||||
;;; GNU Guix --- Functional package management for GNU
|
;;; GNU Guix --- Functional package management for GNU
|
||||||
;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org>
|
;;; Copyright © 2016 Mathieu Lirzin <mthl@gnu.org>
|
||||||
;;; Copyright © 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
|
;;; Copyright © 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
|
||||||
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
|
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
|
||||||
;;; Copyright © 2017 Jan Nieuwenhuizen <janneke@gnu.org>
|
;;; Copyright © 2017 Jan Nieuwenhuizen <janneke@gnu.org>
|
||||||
;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
|
;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
|
||||||
|
@ -136,7 +136,7 @@
|
||||||
(system? #t)
|
(system? #t)
|
||||||
(comment "Cuirass privilege separation user")
|
(comment "Cuirass privilege separation user")
|
||||||
(home-directory (string-append "/var/lib/" cuirass-user))
|
(home-directory (string-append "/var/lib/" cuirass-user))
|
||||||
(shell #~(string-append #$shadow "/sbin/nologin"))))))
|
(shell (file-append shadow "/sbin/nologin"))))))
|
||||||
|
|
||||||
(define (cuirass-activation config)
|
(define (cuirass-activation config)
|
||||||
"Return the activation code for CONFIG."
|
"Return the activation code for CONFIG."
|
||||||
|
|
|
@ -258,7 +258,7 @@ configuration file."))
|
||||||
(group zabbix-group)
|
(group zabbix-group)
|
||||||
(comment "zabbix privilege separation user")
|
(comment "zabbix privilege separation user")
|
||||||
(home-directory (string-append "/var/run/" zabbix-user))
|
(home-directory (string-append "/var/run/" zabbix-user))
|
||||||
(shell #~(string-append #$shadow "/sbin/nologin"))))))
|
(shell (file-append shadow "/sbin/nologin"))))))
|
||||||
|
|
||||||
(define (zabbix-server-config-file config)
|
(define (zabbix-server-config-file config)
|
||||||
"Return the zabbix-server configuration file corresponding to CONFIG."
|
"Return the zabbix-server configuration file corresponding to CONFIG."
|
||||||
|
@ -387,7 +387,7 @@ configuration file."))
|
||||||
(group zabbix-group)
|
(group zabbix-group)
|
||||||
(comment "zabbix privilege separation user")
|
(comment "zabbix privilege separation user")
|
||||||
(home-directory (string-append "/var/run/" zabbix-user))
|
(home-directory (string-append "/var/run/" zabbix-user))
|
||||||
(shell #~(string-append #$shadow "/sbin/nologin"))))))
|
(shell (file-append shadow "/sbin/nologin"))))))
|
||||||
|
|
||||||
(define (zabbix-agent-activation config)
|
(define (zabbix-agent-activation config)
|
||||||
"Return the activation gexp for CONFIG."
|
"Return the activation gexp for CONFIG."
|
||||||
|
|
|
@ -88,7 +88,7 @@
|
||||||
(comment "rsyncd privilege separation user")
|
(comment "rsyncd privilege separation user")
|
||||||
(home-directory (string-append "/var/run/"
|
(home-directory (string-append "/var/run/"
|
||||||
rsync-user))
|
rsync-user))
|
||||||
(shell #~(string-append #$shadow "/sbin/nologin"))))))
|
(shell (file-append shadow "/sbin/nologin"))))))
|
||||||
|
|
||||||
(define (rsync-activation config)
|
(define (rsync-activation config)
|
||||||
"Return the activation GEXP for CONFIG."
|
"Return the activation GEXP for CONFIG."
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
;;; GNU Guix --- Functional package management for GNU
|
;;; GNU Guix --- Functional package management for GNU
|
||||||
;;; Copyright © 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
|
;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
|
||||||
;;; Copyright © 2016 David Craven <david@craven.ch>
|
;;; Copyright © 2016 David Craven <david@craven.ch>
|
||||||
;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
|
;;; Copyright © 2016 Julien Lepiller <julien@lepiller.eu>
|
||||||
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
|
||||||
|
@ -349,7 +349,7 @@ The other options should be self-descriptive."
|
||||||
(system? #t)
|
(system? #t)
|
||||||
(comment "sshd privilege separation user")
|
(comment "sshd privilege separation user")
|
||||||
(home-directory "/var/run/sshd")
|
(home-directory "/var/run/sshd")
|
||||||
(shell #~(string-append #$shadow "/sbin/nologin")))))
|
(shell (file-append shadow "/sbin/nologin")))))
|
||||||
|
|
||||||
(define (openssh-activation config)
|
(define (openssh-activation config)
|
||||||
"Return the activation GEXP for CONFIG."
|
"Return the activation GEXP for CONFIG."
|
||||||
|
|
Reference in New Issue