me
/
guix
Archived
1
0
Fork 0
Code

services: base: Deprecate 'pam-limits-service' procedure. 

* doc/guix.texi (Base Services): Replace pam-limits-service with pam-limits-service-type.
* gnu/packages/benchmark.scm (python-locust)[description]: Update index anchor to manual.
* gnu/services/base.scm (pam-limits-service-type): Set default value.
(pam-limits-service): Deprecate procedure.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
master
Bruno Victal 2023-03-04 21:17:38 +00:00 committed by Ludovic Courtès
parent 59878230f4
commit ed50531885
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
3 changed files with 28 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
doc/guix.texi
View File

@ -18959,7 +18959,6 @@ will fail if @var{device} does not exist.
@end table @end table
@end deftp @end deftp
@anchor{pam-limits-service}
@cindex session limits @cindex session limits
@cindex ulimit @cindex ulimit
@cindex priority @cindex priority
@ -18967,22 +18966,28 @@ will fail if @var{device} does not exist.
@cindex jackd @cindex jackd
@cindex nofile @cindex nofile
@cindex open file descriptors @cindex open file descriptors
@deffn {Scheme Procedure} pam-limits-service [#:limits @code{'()}] @anchor{pam-limits-service-type}
@defvar pam-limits-service-type
Return a service that installs a configuration file for the Type of the service that installs a configuration file for the
@uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html, @uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html,
@code{pam_limits} module}. The procedure optionally takes a list of @code{pam_limits} module}. The value for this service type is
@code{pam-limits-entry} values, which can be used to specify a file-like object containing a list of @code{pam-limits-entry} values
@code{ulimit} limits and @code{nice} priority limits to user sessions. which can be used to specify @code{ulimit} limits and @code{nice}
priority limits to user sessions.
The following limits definition sets two hard and soft limits for all The following limits definition sets two hard and soft limits for all
login sessions of users in the @code{realtime} group: login sessions of users in the @code{realtime} group:
@lisp @lisp
(pam-limits-service (service
(list pam-limits-service-type
(pam-limits-entry "@@realtime" 'both 'rtprio 99) (plain-file
(pam-limits-entry "@@realtime" 'both 'memlock 'unlimited))) "limits.conf"
(string-join
(map pam-limits-entry->string
(list (pam-limits-entry "@@realtime" 'both 'rtprio 99)
(pam-limits-entry "@@realtime" 'both 'memlock 'unlimited)))
"\n")))
@end lisp @end lisp
The first entry increases the maximum realtime priority for The first entry increases the maximum realtime priority for
@ -18994,9 +18999,11 @@ Another useful example is raising the maximum number of open file
descriptors that can be used: descriptors that can be used:
@lisp @lisp
(pam-limits-service (service
(list pam-limits-service-type
(pam-limits-entry "*" 'both 'nofile 100000))) (plain-file
"limits.conf"
(pam-limits-entry->string (pam-limits-entry "*" 'both 'nofile 100000))))
@end lisp @end lisp
In the above example, the asterisk means the limit should apply to any In the above example, the asterisk means the limit should apply to any
@ -19005,7 +19012,7 @@ maximum system value visible in the @file{/proc/sys/fs/file-max} file,
else the users would be prevented from login in. For more information else the users would be prevented from login in. For more information
about the Pluggable Authentication Module (PAM) limits, refer to the about the Pluggable Authentication Module (PAM) limits, refer to the
@samp{pam_limits} man page from the @code{linux-pam} package. @samp{pam_limits} man page from the @code{linux-pam} package.
@end deffn @end defvar
@defvar greetd-service-type @defvar greetd-service-type
@uref{https://git.sr.ht/~kennylevinsen/greetd, @code{greetd}} is a minimal and @uref{https://git.sr.ht/~kennylevinsen/greetd, @code{greetd}} is a minimal and

2
gnu/packages/benchmark.scm
View File

@ -458,7 +458,7 @@ test any system or protocol.
Note: Locust will complain if the available open file descriptors limit for Note: Locust will complain if the available open file descriptors limit for
the user is too low. To raise such limit on a Guix System, refer to the user is too low. To raise such limit on a Guix System, refer to
@samp{info guix --index-search=pam-limits-service}.") @samp{info guix --index-search=pam-limits-service-type}.")
(license license:expat))) (license license:expat)))
(define-public interbench (define-public interbench

8
gnu/services/base.scm
View File

@ -246,7 +246,7 @@
kmscon-service-type kmscon-service-type
pam-limits-service-type pam-limits-service-type
pam-limits-service pam-limits-service ; deprecated
greetd-service-type greetd-service-type
greetd-configuration greetd-configuration
@ -1616,9 +1616,11 @@ information on the configuration file syntax."
(description (description
"Install the specified resource usage limits by populating "Install the specified resource usage limits by populating
@file{/etc/security/limits.conf} and using the @code{pam_limits} @file{/etc/security/limits.conf} and using the @code{pam_limits}
authentication module.")))) authentication module.")
(default-value (plain-file "limits.conf" "")))))
(define* (pam-limits-service #:optional (limits '())) (define-deprecated (pam-limits-service #:optional (limits '()))
pam-limits-service-type
"Return a service that makes selected programs respect the list of "Return a service that makes selected programs respect the list of
pam-limits-entry specified in LIMITS via pam_limits.so." pam-limits-entry specified in LIMITS via pam_limits.so."
(service pam-limits-service-type (service pam-limits-service-type