gnu: system: Add home-directory-permissions field to <user-account>.
* gnu/system/accounts.scm (<user-account>)[home-directory-permissions]: New field. (user-account-home-directory-permissions): New accessor. * gnu/build/activation.scm (activate-users+groups): Use home directory permission bits from the user account object. * doc/guix.texi (User Accounts): Document new field. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz>master
David Thompson
Josselin Poiret
parent
6c447ababf
commit
e9a5eebc78
|
|
@ -18049,6 +18049,10 @@ administrator's choice; reconfiguring does @emph{not} change their name.
|
|||
@item @code{home-directory}
|
||||
This is the name of the home directory for the account.
|
||||
|
||||
@item @code{home-directory-permissions} (default: @code{#o700})
|
||||
The permission bits for the home directory. By default, full access is
|
||||
granted to the user account and all other access is denied.
|
||||
|
||||
@item @code{create-home-directory?} (default: @code{#t})
|
||||
Indicates whether the home directory of this account should be created
|
||||
if it does not exist yet.
|
||||
|
|
|
|||
|
|
@ -162,14 +162,14 @@ owner-writable in HOME."
|
|||
group records) are all available."
|
||||
(define (make-home-directory user)
|
||||
(let ((home (user-account-home-directory user))
|
||||
(home-permissions (user-account-home-directory-permissions user))
|
||||
(pwd (getpwnam (user-account-name user))))
|
||||
(mkdir-p home)
|
||||
|
||||
;; Always set ownership and permissions for home directories of system
|
||||
;; accounts. If a service needs looser permissions on its home
|
||||
;; directories, it can always chmod it in an activation snippet.
|
||||
;; accounts.
|
||||
(chown home (passwd:uid pwd) (passwd:gid pwd))
|
||||
(chmod home #o700)))
|
||||
(chmod home home-permissions)))
|
||||
|
||||
(define system-accounts
|
||||
(filter (lambda (user)
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@
|
|||
user-account-supplementary-groups
|
||||
user-account-comment
|
||||
user-account-home-directory
|
||||
user-account-home-directory-permissions
|
||||
user-account-create-home-directory?
|
||||
user-account-shell
|
||||
user-account-system?
|
||||
|
|
@ -70,6 +71,8 @@
|
|||
(comment user-account-comment (default ""))
|
||||
(home-directory user-account-home-directory (thunked)
|
||||
(default (default-home-directory this-record)))
|
||||
(home-directory-permissions user-account-home-directory-permissions
|
||||
(default #o700))
|
||||
(create-home-directory? user-account-create-home-directory? ;Boolean
|
||||
(default #t))
|
||||
(shell user-account-shell ; gexp
|
||||
|
|
|
|||
Reference in New Issue