From unknown Sun Jun 22 08:02:55 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#76864] [PATCH] services: Integrate gnome-keyring service in gnome-desktop service. Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: liliana.prikler@gmail.com, ludo@gnu.org, maxim.cournoyer@gmail.com, vivien@planete-kraus.eu, guix-patches@gnu.org Resent-Date: Sat, 08 Mar 2025 12:43:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 76864 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 76864@debbugs.gnu.org Cc: Maxim Cournoyer , Liliana Marie Prikler , Ludovic =?UTF-8?Q?Court=C3=A8s?= , Maxim Cournoyer , Vivien Kraus X-Debbugs-Original-To: guix-patches@gnu.org X-Debbugs-Original-Xcc: Liliana Marie Prikler , Ludovic =?UTF-8?Q?Court=C3=A8s?= , Maxim Cournoyer , Vivien Kraus Received: via spool by submit@debbugs.gnu.org id=B.174143772912093 (code B ref -1); Sat, 08 Mar 2025 12:43:02 +0000 Received: (at submit) by debbugs.gnu.org; 8 Mar 2025 12:42:09 +0000 Received: from localhost ([127.0.0.1]:53247 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tqtVI-00038y-88 for submit@debbugs.gnu.org; Sat, 08 Mar 2025 07:42:09 -0500 Received: from lists.gnu.org ([2001:470:142::17]:47100) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1tqtVE-00038K-DA for submit@debbugs.gnu.org; Sat, 08 Mar 2025 07:42:05 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tqtV6-0006kP-Tt for guix-patches@gnu.org; Sat, 08 Mar 2025 07:41:57 -0500 Received: from mail-qv1-xf31.google.com ([2607:f8b0:4864:20::f31]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1tqtV4-0005hS-Ap for guix-patches@gnu.org; Sat, 08 Mar 2025 07:41:56 -0500 Received: by mail-qv1-xf31.google.com with SMTP id 6a1803df08f44-6e8f6970326so20784896d6.0 for ; Sat, 08 Mar 2025 04:41:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741437710; x=1742042510; darn=gnu.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=RYKRbva+14AjwrTk95B2moMG6Ufwl3WJidXrFV30Eu0=; b=cciCAs6g0ZFIKnRAcM+lWTL23gazD7cFHXoQ2xOXkh7KHw9IiuribrCatzlJ1h1hay jk0BYxlpnXjpIXOocNlu/6LV6udCmEt01/1SdtUSmaqYzlqkmKCaVv/jrF63dKxMYM05 HISs/G5SxenbspBmKlIaZU0J2itX2AR9u/I9g3lE7kCSy3RouxNWHSFKUC2ghId1Smqz r53s5kIubXGKMzAr104Wj/f1geOBuzyhXEyLc+QAwqsH7gnEMge5VjAyjVtVH6AOzPKV aYcNcColt6quTiZrRVA9h5G6U2oX87O1AHyu2Q9X2jW12xZYD0lzSu6/OFIEbywfuGei zlnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741437710; x=1742042510; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=RYKRbva+14AjwrTk95B2moMG6Ufwl3WJidXrFV30Eu0=; b=EHT0WVS+fhU9WWE8Gfjo3pFSDXp0je6Vz4wUWpjsT3+O614xoBs+YZ7QJ+5r/dceO+ tEcVTTqHwYWoUtLDAEPj7+pt0MaPe4QIzfk5KxVftaBEmCvRMEGDIYJLJxOtqMXoIxat i9kx/wA+z6OakHbm4vNcE6asDhn9QeWuhJja5NzmF8Pr770387pf3QeCN1tkbgW1kW2k SzigHNggo32LjHP8y3hxT3Dv+PBg8tmbIGaEiHIvp1R1bNXZepUOU8IIMQbFG0urUgDk 0jMD37wrymOEzhHg2IMQGFC9Ms53exBGr233t59xiPxkwxJAmsjlerqnWn7WzmBKa4Ih +c1g== X-Gm-Message-State: AOJu0YxpYw6UEm33tPUq1ypCGtKpPNrxZ+4DATHDRvrNGACN4F/aDD52 yw8TTcqt7DmnseTreqFJcRn0nChDk3ZXvWh4VC6CtPrHokAWEtEpXbNnb2UPjsc= X-Gm-Gg: ASbGnctcy/Rln9JvlSo5wyS6DlzZD59+zx8HWF5fFKw9r6dZ40abmDU0uRhutHs1cPF 1z2buWrBOz0rklVsUB9KFat2mYub8wVoPeuGAO0p1a+Fyu5jkf0R1g6LxFm0CqjmmKvGbonwPns J7TP0eLg2qQuCb5FG97Vf6PF8+QLczcKT9vAZpdbGskhnhHlYvUQcZoTafMvqpfEoNalZs5i2oF JtczX/rFoJrxRDu/5WsqZ89zpl3riciS68hatdfgccp766fTmtMcpLLGazyuF39Q/AJX/cYcRZz px+j/ce+SDNXyXKeDIoun4zeIE5BOsiXnAie9sQCs0Uz+MMpN4GjOdxfMIiMHfsVW7pwW8I3BKw woJoEnDZSpbU= X-Google-Smtp-Source: AGHT+IFqXOv6sRIimjP5U+uC8KVbrrrSWrPqiha6VYun44kzeIOSYMFsvGeyT/3YHzH4ynhhJI7K+g== X-Received: by 2002:a05:6214:c48:b0:6e4:2c6e:7cdc with SMTP id 6a1803df08f44-6e900640befmr96801566d6.25.1741437710547; Sat, 08 Mar 2025 04:41:50 -0800 (PST) Received: from localhost.localdomain (vps-6234970c.vps.ovh.ca. [51.222.13.224]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6e8f707c54fsm30877896d6.16.2025.03.08.04.41.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Mar 2025 04:41:49 -0800 (PST) From: Maxim Cournoyer Date: Sat, 8 Mar 2025 21:41:30 +0900 Message-ID: X-Mailer: git-send-email 2.48.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::f31; envelope-from=maxim.cournoyer@gmail.com; helo=mail-qv1-xf31.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) Previous to this change, GNOME users would have to manually add the gnome-keyring-service-type to their services to have a default login keyring created and unlocked at login time. Some applications depend on a default keyring being available, prompt repeatedly for it, which is confusing and doesn't match user expectations, given most distributions use the GNOME keyring pam module to unlock the login keyring by default. * doc/guix.texi (Desktop Services): Update doc. * gnu/services/desktop.scm (): Move above gnome-desktop-service-type, and streamline description. (pam-gnome-keyring): Return the empty list when CONFIG is #f. (gnome-desktop-configuration) [gnome-keyring-configuration]: New field. Change-Id: Ica26c1e1b85a038c1187edfb3ec3691fcd429641 --- doc/guix.texi | 12 +++- gnu/services/desktop.scm | 125 +++++++++++++++++++++++---------------- 2 files changed, 83 insertions(+), 54 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 6844470ce2..d5d08ece78 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -49,7 +49,7 @@ Copyright @copyright{} 2017, 2021 Christine Lemmer-Webber@* Copyright @copyright{} 2017, 2018, 2019, 2020, 2021, 2022 Marius Bakke@* Copyright @copyright{} 2017, 2019, 2020, 2022 Hartmut Goebel@* -Copyright @copyright{} 2017, 2019, 2020, 2021, 2022, 2023, 2024 Maxim Cournoyer@* +Copyright @copyright{} 2017, 2019--2025 Maxim Cournoyer@* Copyright @copyright{} 2017–2022 Tobias Geerinckx-Rice@* Copyright @copyright{} 2017 George Clemmer@* Copyright @copyright{} 2017 Andy Wingo@* @@ -25649,6 +25649,12 @@ Desktop Services package that should not be installed. By default, every polkit rule added by any package referenced in the other fields are installed. +@item @code{gnome-keyring-configuration} (type: gnome-keyring-configuration-or-#f) +A record used to better integrate the +GNOME keyring with the system. Refer to the documentation of the +@code{gnome-keyring-service-type} for more information. If you'd rather +avoid integrating the GNOME keyring, you can set this to @code{#f}. + @end table @end deftp @@ -26666,7 +26672,9 @@ Desktop Services @defvar gnome-keyring-service-type This is the type of the service that adds the @uref{https://wiki.gnome.org/Projects/GnomeKeyring, GNOME Keyring}. Its -value is a @code{gnome-keyring-configuration} object (see below). +value is a @code{gnome-keyring-configuration} object (see below). Note +that there is no need to use this service when using +@code{gnome-desktop-service-type}, which includes it. This service adds the @code{gnome-keyring} package to the system profile and extends PAM with entries using @code{pam_gnome_keyring.so}, unlocking diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index ee05bd98db..39a9da6384 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -154,6 +154,7 @@ (define-module (gnu services desktop) gnome-desktop-configuration-extra-packages gnome-desktop-configuration-polkit-ignorelist gnome-desktop-configuration-udev-ignorelist + gnome-desktop-configuration-gnome-keyring-configuration gnome-desktop-service gnome-desktop-service-type @@ -1471,6 +1472,65 @@ (define sane-service-type (service-extension account-service-type (const %sane-accounts)))))) + +;;; +;;; gnome-keyring-service-type +;;; + +(define-record-type* gnome-keyring-configuration + make-gnome-keyring-configuration + gnome-keyring-configuration? + (keyring gnome-keyring-package (default gnome-keyring)) + (pam-services gnome-keyring-pam-services (default '(("gdm-password" . login) + ("passwd" . passwd))))) + +(define (pam-gnome-keyring config) + ;; CONFIG may be either a or a + ;; > record, when using the + ;; gnome-keyring-service-type on its own. + (let ((config (if (gnome-desktop-configuration? config) + (gnome-desktop-configuration-gnome-keyring-configuration + config) + config))) + (match config + (#f '()) ;explicitly disabled by user + (_ + (define (%pam-keyring-entry . arguments) + (pam-entry + (control "optional") + (module (file-append (gnome-keyring-package config) + "/lib/security/pam_gnome_keyring.so")) + (arguments arguments))) + + (list + (pam-extension + (transformer + (lambda (service) + (case (assoc-ref (gnome-keyring-pam-services config) + (pam-service-name service)) + ((login) + (pam-service + (inherit service) + (auth (append (pam-service-auth service) + (list (%pam-keyring-entry)))) + (session (append (pam-service-session service) + (list (%pam-keyring-entry "auto_start")))))) + ((passwd) + (pam-service + (inherit service) + (password (append (pam-service-password service) + (list (%pam-keyring-entry)))))) + (else service)))))))))) + +(define gnome-keyring-service-type + (service-type + (name 'gnome-keyring) + (extensions (list + (service-extension pam-root-service-type pam-gnome-keyring))) + (default-value (gnome-keyring-configuration)) + (description "Return a service, that extends PAM with entries using +@code{pam_gnome_keyring.so}, unlocking a user's login keyring when they log in +or setting its password with passwd."))) ;;; @@ -1479,6 +1539,10 @@ (define sane-service-type (define-maybe/no-serialization package) +(define (gnome-keyring-configuration-or-#f? value) + (or (gnome-keyring-configuration? value) + (not value))) + (define (extract-propagated-inputs package) ;; Drop input labels. Attempt to support outputs. (map @@ -1515,7 +1579,13 @@ (define-configuration/no-serialization gnome-desktop-configuration (list-of-strings '()) "A list of regular expressions denoting polkit rules provided by any package that should not be installed. By default, every polkit rule added by any package -referenced in the other fields are installed.")) +referenced in the other fields are installed.") + (gnome-keyring-configuration + (gnome-keyring-configuration-or-#f (gnome-keyring-configuration)) + "A record used to better integrate the GNOME +keyring with the system. Refer to the documentation of the +@code{gnome-keyring-service-type} for more information. If you'd rather avoid +integrating the GNOME keyring, you can set this to @code{#f}.")) (define (gnome-package gnome name) "Return the package NAME among the GNOME package inputs. NAME can be a @@ -1636,6 +1706,8 @@ (define gnome-desktop-service-type (extensions (list (service-extension udev-service-type gnome-udev-configuration-files) + (service-extension pam-root-service-type + pam-gnome-keyring) (service-extension polkit-service-type gnome-polkit-settings) (service-extension privileged-program-service-type @@ -1972,57 +2044,6 @@ (define inputattach-service-type (description "Return a service that runs inputattach on a device and dispatches events from it."))) - -;;; -;;; gnome-keyring-service-type -;;; - -(define-record-type* gnome-keyring-configuration - make-gnome-keyring-configuration - gnome-keyring-configuration? - (keyring gnome-keyring-package (default gnome-keyring)) - (pam-services gnome-keyring-pam-services (default '(("gdm-password" . login) - ("passwd" . passwd))))) - -(define (pam-gnome-keyring config) - (define (%pam-keyring-entry . arguments) - (pam-entry - (control "optional") - (module (file-append (gnome-keyring-package config) - "/lib/security/pam_gnome_keyring.so")) - (arguments arguments))) - - (list - (pam-extension - (transformer - (lambda (service) - (case (assoc-ref (gnome-keyring-pam-services config) - (pam-service-name service)) - ((login) - (pam-service - (inherit service) - (auth (append (pam-service-auth service) - (list (%pam-keyring-entry)))) - (session (append (pam-service-session service) - (list (%pam-keyring-entry "auto_start")))))) - ((passwd) - (pam-service - (inherit service) - (password (append (pam-service-password service) - (list (%pam-keyring-entry)))))) - (else service))))))) - -(define gnome-keyring-service-type - (service-type - (name 'gnome-keyring) - (extensions (list - (service-extension pam-root-service-type pam-gnome-keyring))) - (default-value (gnome-keyring-configuration)) - (description "Return a service, that adds the @code{gnome-keyring} package -to the system profile and extends PAM with entries using -@code{pam_gnome_keyring.so}, unlocking a user's login keyring when they log in -or setting its password with passwd."))) - ;;; ;;; polkit-wheel-service -- Allow wheel group to perform admin actions base-commit: 1f26b0eec83b5dc949900a743ed01088cb093c65 -- 2.48.1 From unknown Sun Jun 22 08:02:55 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#76864] [PATCH] services: Integrate gnome-keyring service in gnome-desktop service. Resent-From: Liliana Marie Prikler Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 08 Mar 2025 12:54:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 76864 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Maxim Cournoyer , 76864@debbugs.gnu.org Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= , Vivien Kraus Received: via spool by 76864-submit@debbugs.gnu.org id=B76864.174143842514230 (code B ref 76864); Sat, 08 Mar 2025 12:54:02 +0000 Received: (at 76864) by debbugs.gnu.org; 8 Mar 2025 12:53:45 +0000 Received: from localhost ([127.0.0.1]:53262 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tqtgW-0003hS-RH for submit@debbugs.gnu.org; Sat, 08 Mar 2025 07:53:45 -0500 Received: from mail-wr1-x441.google.com ([2a00:1450:4864:20::441]:50436) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tqtgT-0003h6-S4 for 76864@debbugs.gnu.org; Sat, 08 Mar 2025 07:53:43 -0500 Received: by mail-wr1-x441.google.com with SMTP id ffacd0b85a97d-391211ea598so1669266f8f.1 for <76864@debbugs.gnu.org>; Sat, 08 Mar 2025 04:53:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741438415; x=1742043215; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=u77CTf4XUZbIlGj/amVizIm74jYvByYdDORrFyMTr1U=; b=FxgsSZijrnx8ghOCjOlWx9ALqx5WiBBp9xkPFJv/3l+UUuAyynmPduN9yVnUzqaDPe babyuRtkwP7jVqiXWfaRgKYsz8gmbXBuT4E1zOYQaQFkxyp0XqjjITFyffktZB/5axzc Gah0kHz3E1QrVGBBJdqjOXlwm/iqgpIbhbn6v0GcUQOrKsekVUxC5YKK9vHbrpWzSQzy CB1UlUdeYnxIFWYRcbB92197b5YSMBHuk7DYyzw7nmdxzT6p+urxdpdtLjeY3tD5yA0H heQph8p4NZZJmVAZ/b185M9twQpJLg9Ygd62wiSHjGcKK+mFse82gBMGfXRHzSxKOsRl 6Rbg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741438415; x=1742043215; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=u77CTf4XUZbIlGj/amVizIm74jYvByYdDORrFyMTr1U=; b=D4XwKVB1oPihfL9XohNfAj2HbUHoPjpRGoIrCgRw2uujz9JkYiaxxLFoXnt5XOfJWB S8B+WTCMNhSyqICaM28RAvCOKO8q083Djq7KpG9NjqbI/Rx5sm+e/tmZOJptrDvc4HtN TPxrvSaJVJBdA9PVrQb+DBcJ3pU3tmMkmKDz11pMpR8ogjZWvZQPlPG8q22B6EzuD8wm FtcQZH+p7Ijz3U5QH0blHOsgBA8SLteXx8yNo6nxDzkIhOkAKtGb1Y28+XRIYoqVSeGg H5weuGo3KUjAK04edVaR8UyGYmG7sftGxhNnRohaX+6+P51FpAbkQiXsdkZ1nxwRU86I RXhg== X-Forwarded-Encrypted: i=1; AJvYcCWi1F7qk96wHJGhY/fIgZD4kUBBHvF64Z63puzuzaebvj/pr+HvSxOVLSe85WUgzqvZ9cwi6A==@debbugs.gnu.org X-Gm-Message-State: AOJu0YzqnNB4wam7cmGhps/LjAonE5V2vmyie6Tc+zN34CL/6AAY9JJo 6QIain2uo2J4/RQw2xmi6wF8sF3X9AFccvGJRpG4YkvK9N3ogaqg X-Gm-Gg: ASbGncsznh7uEuhrKVRRV0i5ZGHzc6urLXYoSX/akDze5s62Upr5AcW8VQR4Tpy6VNJ xFZEkg48gVysf3Tk+sAYboJxDMzn/+OVKFHJ5lDEpA9FIsjoVrlSyxRLkeESWIbHjcN84oMeFRY Urhd52ApZywMzaclnU+UK1uXuAkj4cxBAlAhYSnmd2vsVsRxOoNR1yZdzezIRrB/iFcthbn5I7J Bg1j/niNLB5t7vFF++H7IzaX4PZJ4JwdmQ+IVx7qCvSjAIyxI3r3r/WhJ+w7HyctcDJBfLNENVh dBlvKsswXAQeV8KcPvJ707Byim8FzLvRSfKY7HEVOv+QTX639a6kspGRYy+KRJKPZk+4QowyFff 5rmr98azGZJW6x1IqiJ3w X-Google-Smtp-Source: AGHT+IHBOc6yp4GeLlXI1ed9vNDYVUwkEwAF5bSOhHg4xcomjDIQmBB8Hwk9zh23f+MK3wIVxEv3sQ== X-Received: by 2002:a05:6000:4108:b0:391:2991:bdcd with SMTP id ffacd0b85a97d-39132daa51amr5258316f8f.39.1741438415011; Sat, 08 Mar 2025 04:53:35 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-43bdd8b03cesm82786795e9.7.2025.03.08.04.53.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Mar 2025 04:53:34 -0800 (PST) Message-ID: From: Liliana Marie Prikler Date: Sat, 08 Mar 2025 13:54:41 +0100 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.54.3 MIME-Version: 1.0 X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Am Samstag, dem 08.03.2025 um 21:41 +0900 schrieb Maxim Cournoyer: > Previous to this change, GNOME users would have to manually add the > gnome-keyring-service-type to their services to have a default login > keyring created and unlocked at login time.=C2=A0 Some applications depen= d > on a default keyring being available, prompt repeatedly for it, which > is confusing and doesn't match user expectations, given most > distributions use the GNOME keyring pam module to unlock the login > keyring by default. >=20 > * doc/guix.texi (Desktop Services): Update doc. > * gnu/services/desktop.scm (): Move > above > gnome-desktop-service-type, and streamline description. > (pam-gnome-keyring): Return the empty list when CONFIG is #f. > (gnome-desktop-configuration) [gnome-keyring-configuration]: New > field. >=20 > Change-Id: Ica26c1e1b85a038c1187edfb3ec3691fcd429641 > --- SGTM > =C2=A0doc/guix.texi=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0 |=C2=A0 12 +++- > =C2=A0gnu/services/desktop.scm | 125 +++++++++++++++++++++++-------------= - > -- > =C2=A02 files changed, 83 insertions(+), 54 deletions(-) >=20 > diff --git a/doc/guix.texi b/doc/guix.texi > index 6844470ce2..d5d08ece78 100644 > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -49,7 +49,7 @@ > =C2=A0Copyright @copyright{} 2017, 2021 Christine Lemmer-Webber@* > =C2=A0Copyright @copyright{} 2017, 2018, 2019, 2020, 2021, 2022 Marius > Bakke@* > =C2=A0Copyright @copyright{} 2017, 2019, 2020, 2022 Hartmut Goebel@* > -Copyright @copyright{} 2017, 2019, 2020, 2021, 2022, 2023, 2024 > Maxim Cournoyer@* > +Copyright @copyright{} 2017, 2019--2025 Maxim Cournoyer@* > =C2=A0Copyright @copyright{} 2017=E2=80=932022 Tobias Geerinckx-Rice@* > =C2=A0Copyright @copyright{} 2017 George Clemmer@* > =C2=A0Copyright @copyright{} 2017 Andy Wingo@* > @@ -25649,6 +25649,12 @@ Desktop Services > =C2=A0package that should not be installed.=C2=A0 By default, every polki= t rule > =C2=A0added by any package referenced in the other fields are installed. > =C2=A0 > +@item @code{gnome-keyring-configuration} (type: gnome-keyring- > configuration-or-#f) > +A record used to better integrate the > +GNOME keyring with the system.=C2=A0 Refer to the documentation of the > +@code{gnome-keyring-service-type} for more information.=C2=A0 If you'd > rather > +avoid integrating the GNOME keyring, you can set this to @code{#f}. > + > =C2=A0@end table > =C2=A0@end deftp > =C2=A0 > @@ -26666,7 +26672,9 @@ Desktop Services > =C2=A0@defvar gnome-keyring-service-type > =C2=A0This is the type of the service that adds the > =C2=A0@uref{https://wiki.gnome.org/Projects/GnomeKeyring, GNOME Keyring}.= =C2=A0 > Its > -value is a @code{gnome-keyring-configuration} object (see below). > +value is a @code{gnome-keyring-configuration} object (see below).=C2=A0 > Note > +that there is no need to use this service when using > +@code{gnome-desktop-service-type}, which includes it. > =C2=A0 > =C2=A0This service adds the @code{gnome-keyring} package to the system > profile > =C2=A0and extends PAM with entries using @code{pam_gnome_keyring.so}, > unlocking > diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm > index ee05bd98db..39a9da6384 100644 > --- a/gnu/services/desktop.scm > +++ b/gnu/services/desktop.scm > @@ -154,6 +154,7 @@ (define-module (gnu services desktop) > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 = gnome-desktop-configuration-extra-packages > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 = gnome-desktop-configuration-polkit-ignorelist > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 = gnome-desktop-configuration-udev-ignorelist > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 gnome= -desktop-configuration-gnome-keyring-configuration I would use a shorter name here. Perhaps gnome-desktop-configuration- keyring? Cheers From unknown Sun Jun 22 08:02:55 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#76864] [PATCH] services: Integrate gnome-keyring service in gnome-desktop service. Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 08 Mar 2025 14:46:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 76864 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Liliana Marie Prikler Cc: Vivien Kraus , Ludovic =?UTF-8?Q?Court=C3=A8s?= , 76864@debbugs.gnu.org Received: via spool by 76864-submit@debbugs.gnu.org id=B76864.17414451554802 (code B ref 76864); Sat, 08 Mar 2025 14:46:03 +0000 Received: (at 76864) by debbugs.gnu.org; 8 Mar 2025 14:45:55 +0000 Received: from localhost ([127.0.0.1]:53542 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tqvR4-0001FO-Rg for submit@debbugs.gnu.org; Sat, 08 Mar 2025 09:45:55 -0500 Received: from mail-qt1-x835.google.com ([2607:f8b0:4864:20::835]:48585) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tqvQo-0001Ee-Sg for 76864@debbugs.gnu.org; Sat, 08 Mar 2025 09:45:39 -0500 Received: by mail-qt1-x835.google.com with SMTP id d75a77b69052e-471fe5e0a80so23314381cf.1 for <76864@debbugs.gnu.org>; Sat, 08 Mar 2025 06:45:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741445133; x=1742049933; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wJeYF8fdJXy8esRcWEiCR90jwH5JvNy53QF+nI4qJSU=; b=F7367EOoUpjJyYjkkaQSH+/IBWrL2CeRH2SOcWARh7Ej80j7wlaS/Te3u0wh6/oxi/ j5rNWFsDhMhd77Cv3iNvi3N7rLNLckHkW3pxIOhE/pc8LoYZRUSDL4Wn3+I2/swFYSqz B/CgbPChAvhio6oOLLMAW574GgQa5cHhv0BHa94+F1Z3NfdH4ncYlBmQRcwWoVDpJGPP v9OZPiz/XT/xsPrdjtfsZFs7pmWFH//Q2cc9eQQ2KCPNrCSUSH7uNipur+Dsxx4F8ju4 20H4xo4ydPDSULWQ3Iyq3MB7UI3WuktgbjHP2npbGlhDh0ZnlpQeP+ocNhkQ8/IXOlIy J3iA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741445133; x=1742049933; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=wJeYF8fdJXy8esRcWEiCR90jwH5JvNy53QF+nI4qJSU=; b=UpShDeKTAZRGtaG3efIY4raohON38wlcj24xPMQUoj7QjWAZ21DHkk7e5OIYaIKCKX uBkBFmLex1ZrsiMT9WV/w7bHFM+R3yYAUxUxSKMXPEP9TsQyUwx4++/dbiaVqbsvveGk cu7IMznCHR+/vRPHiUpDhoI8txjCqZyEc0tViA0X3r+NUF/yo58yqXcnn7ogjNVYHs7Y pckX7m6l1E5eiKQiC8aGqUMuRXW559bz6rp/aFK70RoSbIveLiGeKwL9/7T4ENs1nVwx HdnBwezkGbRsR+eBb9PLaXrmHvjq9Ythh7TBZNgVobIrrqBEgyfvKigdDqR8pHB9IKc8 +x6g== X-Gm-Message-State: AOJu0YzZ1rZXyrwpYL5OMK1MpH28w+CC3tQ8clHMU5EJuy9RUGJzdlwt BfdOXQ28Y6bjpwJ9J7WHDGqEeEcMzidEFuJGv1xxbbTTj6UO514l X-Gm-Gg: ASbGncvLEZsxyiaA2SZ9ZWelZ347oSAtwoNYooUrJlJ2YfNWq/0lEwP3HYly+VqeHa8 4arsOSiA6OFmH1iDnrmeR/YTpenLTmUvCwBvdjFydy1xDBpUxLW9fdsnpqne29kfoNckovbNnyP U4i4U5kvvwcHw+4mXMscqNPaW1Fzhg4bczA0OF4XpdZLUUe0K3BATZrk+6B/GNvr8fJXixOoJ/1 yUXlogpQJBNv8QLIC1C6P2XjyzOM3wRbA1VXzZNBaL1hnAykHeC9vZk0wCxojWYgNyunfK/EX3r 8hTy4v8LSNQwUIecrir3KIx5+FYjmWhrgS9GVnYTxJxSwfHRf8A/s/z5d6BXk7N8xkgkJDOyfEO E X-Google-Smtp-Source: AGHT+IEYEBMyJTltVFj98zEGcFwEdUYmU1+I0QxUyfrO3KLUxWFYlL+f4ZZOkiHHw1CFjSxbL+wO4w== X-Received: by 2002:a05:622a:548:b0:474:e270:1c7d with SMTP id d75a77b69052e-4761194b06cmr95292631cf.33.1741445132903; Sat, 08 Mar 2025 06:45:32 -0800 (PST) Received: from terra (vps-6234970c.vps.ovh.ca. [51.222.13.224]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-4751d94af29sm31520361cf.9.2025.03.08.06.45.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Mar 2025 06:45:32 -0800 (PST) From: Maxim Cournoyer In-Reply-To: (Liliana Marie Prikler's message of "Sat, 08 Mar 2025 13:54:41 +0100") References: Date: Sat, 08 Mar 2025 23:45:18 +0900 Message-ID: <87plirwphd.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi Liliana, Liliana Marie Prikler writes: [...] >> @@ -154,6 +154,7 @@ (define-module (gnu services desktop) >> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= gnome-desktop-configuration-extra-packages >> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= gnome-desktop-configuration-polkit-ignorelist >> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= gnome-desktop-configuration-udev-ignorelist >> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 gnom= e-desktop-configuration-gnome-keyring-configuration > I would use a shorter name here. Perhaps gnome-desktop-configuration- > keyring? While I agree the naming is a mouthful, I find it necessary to have it descriptive enough that it conveys the odd situation where we are embedding a configuration object in another configuration :-). So I'd keep it as is, knowing it probably will be seldom typed in a user operating system config file anyway. --=20 Thanks, Maxim From unknown Sun Jun 22 08:02:55 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#76864] [PATCH] services: Integrate gnome-keyring service in gnome-desktop service. Resent-From: Liliana Marie Prikler Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 08 Mar 2025 15:02:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 76864 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Maxim Cournoyer Cc: Vivien Kraus , Ludovic =?UTF-8?Q?Court=C3=A8s?= , 76864@debbugs.gnu.org Received: via spool by 76864-submit@debbugs.gnu.org id=B76864.174144612210534 (code B ref 76864); Sat, 08 Mar 2025 15:02:03 +0000 Received: (at 76864) by debbugs.gnu.org; 8 Mar 2025 15:02:02 +0000 Received: from localhost ([127.0.0.1]:56115 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tqvgf-0002jm-9w for submit@debbugs.gnu.org; Sat, 08 Mar 2025 10:02:01 -0500 Received: from mail-wm1-x344.google.com ([2a00:1450:4864:20::344]:55537) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1tqvgV-0002jN-EM for 76864@debbugs.gnu.org; Sat, 08 Mar 2025 10:01:57 -0500 Received: by mail-wm1-x344.google.com with SMTP id 5b1f17b1804b1-43bcad638efso16371235e9.2 for <76864@debbugs.gnu.org>; Sat, 08 Mar 2025 07:01:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741446105; x=1742050905; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=izoz+DJymWYJVczUoGnpycDPd1wkVntBOP7Ypl5xxik=; b=QWufznLMtVixVDQIuN2GdzW5NATXMBVwGctrmTwXrWN+Zx5DRhA+MK7VLFUb7M2cQj DkxjOe8WGKiotD1lJjqbbEkAKtU7k4LKnvItWQnXf9QPKPb7tlNbkfpiu4ib3PoZBit7 vWHAAXewg97orGKTB/7Sp4r6q4OI+c80P+NeWRPz6g8sKvumYHcWu7/wTxlDQZHD0Z8e wzDuOi15a2W9m2DM9wHDz8cwJ7bpv/l/jRpLtGs8SbbnfkalXARzO9ueVsrKBqqNRMfa rA1u9sXeVTr2lUANdlhr41Kq7F5tbDNPRH6ercQ92okp5wcM6ymPJKa4nuHzMz/FHvXZ bLeQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741446105; x=1742050905; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=izoz+DJymWYJVczUoGnpycDPd1wkVntBOP7Ypl5xxik=; b=qJPi6r7nNzgWwYxPOdMRJVQNOTg8U6lWkvgtUTI7hus8hXhlY2k0cgGzANaVo0gFZm fYQEBDMaYndYhMpfr9ofCoiiEuGqZ5H5DibXeYai1NAM3aJywR7gvlwfzqFQayQI2Wdn iBQZsbQFdNEb9LEGAS5M2Nm5gZG8MpkosuC4Ju/tA8MLLY85JTlw476gpu1kfIGUUnUy k/6i/uC5ms3NfVCVj7DzluTaepvSVTu7l75hXVZDSwoPz9AN0iSapobhL7sakQOJbkdB HSyG5d0FFT+BpQGE7XPsFTLaLyZcYMor4E/cYJia09LRbyme0UK4gW9Y1STLyGVw/1IG Dw1w== X-Gm-Message-State: AOJu0YxF9S8MclZNlTdhUuMcY2hlzSiKLz77MqyaYlVvePrlT6bZQlb1 vwJPDbgf5ahFlt8zrRfV6PJNUQ52MJCrWZ6/8nW6VyZIxupZUSw8 X-Gm-Gg: ASbGncvu+XjskJvTcfp3xWsJJyl9rjcxs7StxWry7PvZuMJ0VbcNuuYj6X5Vm8Wg+2Q D7eQ1XDmVim7aQRbyIr7jIfFqRO6K1VXeIBIIjYN5oTypi2IDYKX4JvOw0XsPCZG0MVLEYP2VoO FPb71mOBjshKpHI6pr+xzxJpF8VLHqa2Ls2IL6dd9+LgeQiFEypz6xml7/chsjjL0LYB7wvxMfG 55DVpv2997Ky/Tuj8SAUnTxCJb2w4D0VPTGP5pQcskGig2YaDm9dx0lIwXIQZW7x4GW8d2dL/Oe AkmvyzkHll04796tC4WdIN4Hd9gJreFzvQqG1Sr0391/gYJgDStX2FODim5UnoRgDyhDfVC8fcO 6SW/7K6ZaSBDjPiat+BxA X-Google-Smtp-Source: AGHT+IFAPh8ESaZurLnaU9VHEOLXjnhUNnwAFRVedpgcK34ONozN7glYAAw+Iy/Xgr1XAFCLuCmSzg== X-Received: by 2002:a05:6000:18a3:b0:390:e7c1:59d3 with SMTP id ffacd0b85a97d-39132d16de1mr5007228f8f.2.1741446104540; Sat, 08 Mar 2025 07:01:44 -0800 (PST) Received: from lumine.fritz.box (85-127-114-32.dsl.dynamic.surfer.at. [85.127.114.32]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-43bd4352e29sm114812165e9.32.2025.03.08.07.01.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Mar 2025 07:01:44 -0800 (PST) Message-ID: From: Liliana Marie Prikler Date: Sat, 08 Mar 2025 16:02:51 +0100 In-Reply-To: <87plirwphd.fsf@gmail.com> References: <87plirwphd.fsf@gmail.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.54.3 MIME-Version: 1.0 X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Am Samstag, dem 08.03.2025 um 23:45 +0900 schrieb Maxim Cournoyer: > Hi Liliana, >=20 > Liliana Marie Prikler writes: >=20 > [...] >=20 > > > @@ -154,6 +154,7 @@ (define-module (gnu services desktop) > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 gnome-desktop-configuration-extra-packages > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 gnome-desktop-configuration-polkit-ignorelist > > > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0 gnome-desktop-configuration-udev-ignorelist > > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 g= nome-desktop-configuration-gnome-keyring- > > > configuration > > I would use a shorter name here.=C2=A0 Perhaps gnome-desktop- > > configuration- > > keyring? >=20 > While I agree the naming is a mouthful, I find it necessary to have > it descriptive enough that it conveys the odd situation where we are > embedding a configuration object in another configuration :-). >=20 > So I'd keep it as is, knowing it probably will be seldom typed in a > user operating system config file anyway. For the field name adding -configuration is fine, but the accessor should really be shorter. Compare slim-configuration-xorg or=C2=A0 gdm-configuration-xorg :) Cheers From unknown Sun Jun 22 08:02:55 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Maxim Cournoyer Subject: bug#76864: closed (Re: [bug#76864] [PATCH] services: Integrate gnome-keyring service in gnome-desktop service.) Message-ID: References: <877c4yu0yx.fsf@gmail.com> X-Gnu-PR-Message: they-closed 76864 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 76864@debbugs.gnu.org Date: Sun, 09 Mar 2025 07:19:03 +0000 Content-Type: multipart/mixed; boundary="----------=_1741504743-14552-1" This is a multi-part message in MIME format... ------------=_1741504743-14552-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #76864: [PATCH] services: Integrate gnome-keyring service in gnome-desktop = service. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 76864@debbugs.gnu.org. --=20 76864: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D76864 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1741504743-14552-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 76864-done) by debbugs.gnu.org; 9 Mar 2025 07:18:04 +0000 Received: from localhost ([127.0.0.1]:57951 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1trAvD-0003lO-W5 for submit@debbugs.gnu.org; Sun, 09 Mar 2025 03:18:04 -0400 Received: from mail-pl1-x62a.google.com ([2607:f8b0:4864:20::62a]:51297) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1trAvB-0003ks-B1 for 76864-done@debbugs.gnu.org; Sun, 09 Mar 2025 03:18:01 -0400 Received: by mail-pl1-x62a.google.com with SMTP id d9443c01a7336-223594b3c6dso56636365ad.2 for <76864-done@debbugs.gnu.org>; Sat, 08 Mar 2025 23:18:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741504675; x=1742109475; darn=debbugs.gnu.org; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=XxK+guZJE701JV1Ca5tKK7H1AvKG4DLgFAVK+u47Q3I=; b=VXRc+a8HUnLo3TQVmkXtxyIfIsQkTEaicD3y1iaE7uhS7xXPVYot9ronMx+oKeTP9M Dkd2C+0dr6cgaJz57NxPmFahDnjbJXvXMPdjmtqwe1Rl2Ei2+2xlaHOSy5zXSGcd5f4l Z094CZLrQjlLY38M5Cg5XfSTNfe2G8OTsDJK/OqXDpmp4BGEYMtKxYlYndktUuZh2Eyl pqi9AYAOBykY4G7w6vPvMJarxX9EG6ykp6UW2XGCcXAykCWBjwKCnk7o6rrRmtUPgirw s8dJZmJg8jX9lR5KuR37Zm2CE23Ap7SdMgsQmPskF7AGMUH5tcsq3LtGZ7gSpUq4svuY VJnA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741504675; x=1742109475; h=content-transfer-encoding:mime-version:user-agent:message-id:date :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=XxK+guZJE701JV1Ca5tKK7H1AvKG4DLgFAVK+u47Q3I=; b=ET/wdRV7g162cVJXioXFV8STPWflDUZ/gkyTfaV1V5DyeFsqn2IwQzEF6pOA3v8Hrp tl5yCel/XOq/Qso382DQH67/mBGqOK9o8LY/BZmTrHToUcuxePPV+jJO9u5+/bcVPhuz O6ylvG9tmoRMl4vC1FWnzsdaCrgzEfaWxhVy7l5NmpBPdSFWEnIoFZFqRudAqmKnEpGo 5Dki/YIUeDXvqyR6NTIibKKXsL8E3CaupyBVDOXZshx/F+7U+uwmBlOHUMRMI6LGw3oe W9/PAfwymx3XI6vdh1G+95BPKA3iPVi6rpcN2+atjo90AuEFkP1g4Hc4fBr9uGuDXR+W Lq2g== X-Gm-Message-State: AOJu0YycBFCHgtogi9XulLBY2g/3JsBIX8MlbuGItbLBcM546zhKNQAs RWrjXrlv1UISNIIjbMMoChvOFPWOzCNFPRXceO6jQQqswCSaFnyE X-Gm-Gg: ASbGncvw1JAbs8QpP6ojkuZPt9EAi9qQcHbwErm1QpPxWfZ7YBb7zADP7E1c2rpeA5g TrRUBpfHIgtYB6SDSqwliXP+ovGxgg63qe9Jthz4APn/2s8Rn1WX5f88UwPSnHATlfzrZo1iw/u lEuH2kaNa5wTakzqhXorRpJdtlZ4JnEBtrXGyVrjYBj+uQTPp1olgcBRhRB12WTGGjucEt1TOyy sjM94khK4GoQULPbtJ4lINNsYs6RPy5BKfbqGTRA0ZmbWZlVqt80wJQ77sza/PQ0VGX/r0VbYcH 2J1Llscv6ywR9aK33+OL1y0Ix4SwoohLVskiVGQ0HSA= X-Google-Smtp-Source: AGHT+IE25nFOyBo3XhAQbYBuWIiwW0jVRGIJlRLiRVxA7SMgSEx/7BaVKKY4afahvHGFq8OVjdbWWA== X-Received: by 2002:a05:6a00:2d90:b0:736:64b7:f104 with SMTP id d2e1a72fcca58-736aa9c1b0fmr12645156b3a.5.1741504675273; Sat, 08 Mar 2025 23:17:55 -0800 (PST) Received: from terra ([2405:6586:be0:0:83c8:d31d:2cec:f542]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-736d36e229bsm333994b3a.51.2025.03.08.23.17.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Mar 2025 23:17:54 -0800 (PST) From: Maxim Cournoyer To: Liliana Marie Prikler Subject: Re: [bug#76864] [PATCH] services: Integrate gnome-keyring service in gnome-desktop service. In-Reply-To: (Liliana Marie Prikler's message of "Sat, 08 Mar 2025 16:02:51 +0100") References: <87plirwphd.fsf@gmail.com> Date: Sun, 09 Mar 2025 16:17:42 +0900 Message-ID: <877c4yu0yx.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 76864-done Cc: Vivien Kraus , Ludovic =?utf-8?Q?Court=C3=A8s?= , 76864-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Hi, Liliana Marie Prikler writes: [...] >> While I agree the naming is a mouthful, I find it necessary to have >> it descriptive enough that it conveys the odd situation where we are >> embedding a configuration object in another configuration :-). >>=20 >> So I'd keep it as is, knowing it probably will be seldom typed in a >> user operating system config file anyway. > For the field name adding -configuration is fine, but the accessor > should really be shorter. Compare slim-configuration-xorg or=C2=A0 > gdm-configuration-xorg :) OK, these existing precedents are enough to sway my opinion. Renamed to just '-keyring' and pushed! Thanks for the review. --=20 Thanks, Maxim ------------=_1741504743-14552-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 8 Mar 2025 12:42:09 +0000 Received: from localhost ([127.0.0.1]:53247 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tqtVI-00038y-88 for submit@debbugs.gnu.org; Sat, 08 Mar 2025 07:42:09 -0500 Received: from lists.gnu.org ([2001:470:142::17]:47100) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1tqtVE-00038K-DA for submit@debbugs.gnu.org; Sat, 08 Mar 2025 07:42:05 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tqtV6-0006kP-Tt for guix-patches@gnu.org; Sat, 08 Mar 2025 07:41:57 -0500 Received: from mail-qv1-xf31.google.com ([2607:f8b0:4864:20::f31]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1tqtV4-0005hS-Ap for guix-patches@gnu.org; Sat, 08 Mar 2025 07:41:56 -0500 Received: by mail-qv1-xf31.google.com with SMTP id 6a1803df08f44-6e8f6970326so20784896d6.0 for ; Sat, 08 Mar 2025 04:41:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741437710; x=1742042510; darn=gnu.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=RYKRbva+14AjwrTk95B2moMG6Ufwl3WJidXrFV30Eu0=; b=cciCAs6g0ZFIKnRAcM+lWTL23gazD7cFHXoQ2xOXkh7KHw9IiuribrCatzlJ1h1hay jk0BYxlpnXjpIXOocNlu/6LV6udCmEt01/1SdtUSmaqYzlqkmKCaVv/jrF63dKxMYM05 HISs/G5SxenbspBmKlIaZU0J2itX2AR9u/I9g3lE7kCSy3RouxNWHSFKUC2ghId1Smqz r53s5kIubXGKMzAr104Wj/f1geOBuzyhXEyLc+QAwqsH7gnEMge5VjAyjVtVH6AOzPKV aYcNcColt6quTiZrRVA9h5G6U2oX87O1AHyu2Q9X2jW12xZYD0lzSu6/OFIEbywfuGei zlnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741437710; x=1742042510; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=RYKRbva+14AjwrTk95B2moMG6Ufwl3WJidXrFV30Eu0=; b=EHT0WVS+fhU9WWE8Gfjo3pFSDXp0je6Vz4wUWpjsT3+O614xoBs+YZ7QJ+5r/dceO+ tEcVTTqHwYWoUtLDAEPj7+pt0MaPe4QIzfk5KxVftaBEmCvRMEGDIYJLJxOtqMXoIxat i9kx/wA+z6OakHbm4vNcE6asDhn9QeWuhJja5NzmF8Pr770387pf3QeCN1tkbgW1kW2k SzigHNggo32LjHP8y3hxT3Dv+PBg8tmbIGaEiHIvp1R1bNXZepUOU8IIMQbFG0urUgDk 0jMD37wrymOEzhHg2IMQGFC9Ms53exBGr233t59xiPxkwxJAmsjlerqnWn7WzmBKa4Ih +c1g== X-Gm-Message-State: AOJu0YxpYw6UEm33tPUq1ypCGtKpPNrxZ+4DATHDRvrNGACN4F/aDD52 yw8TTcqt7DmnseTreqFJcRn0nChDk3ZXvWh4VC6CtPrHokAWEtEpXbNnb2UPjsc= X-Gm-Gg: ASbGnctcy/Rln9JvlSo5wyS6DlzZD59+zx8HWF5fFKw9r6dZ40abmDU0uRhutHs1cPF 1z2buWrBOz0rklVsUB9KFat2mYub8wVoPeuGAO0p1a+Fyu5jkf0R1g6LxFm0CqjmmKvGbonwPns J7TP0eLg2qQuCb5FG97Vf6PF8+QLczcKT9vAZpdbGskhnhHlYvUQcZoTafMvqpfEoNalZs5i2oF JtczX/rFoJrxRDu/5WsqZ89zpl3riciS68hatdfgccp766fTmtMcpLLGazyuF39Q/AJX/cYcRZz px+j/ce+SDNXyXKeDIoun4zeIE5BOsiXnAie9sQCs0Uz+MMpN4GjOdxfMIiMHfsVW7pwW8I3BKw woJoEnDZSpbU= X-Google-Smtp-Source: AGHT+IFqXOv6sRIimjP5U+uC8KVbrrrSWrPqiha6VYun44kzeIOSYMFsvGeyT/3YHzH4ynhhJI7K+g== X-Received: by 2002:a05:6214:c48:b0:6e4:2c6e:7cdc with SMTP id 6a1803df08f44-6e900640befmr96801566d6.25.1741437710547; Sat, 08 Mar 2025 04:41:50 -0800 (PST) Received: from localhost.localdomain (vps-6234970c.vps.ovh.ca. [51.222.13.224]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6e8f707c54fsm30877896d6.16.2025.03.08.04.41.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 Mar 2025 04:41:49 -0800 (PST) From: Maxim Cournoyer To: guix-patches@gnu.org Subject: [PATCH] services: Integrate gnome-keyring service in gnome-desktop service. Date: Sat, 8 Mar 2025 21:41:30 +0900 Message-ID: X-Mailer: git-send-email 2.48.1 MIME-Version: 1.0 X-Debbugs-Cc: Liliana Marie Prikler , Ludovic Courtès , Maxim Cournoyer , Vivien Kraus Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::f31; envelope-from=maxim.cournoyer@gmail.com; helo=mail-qv1-xf31.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: submit Cc: Maxim Cournoyer X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) Previous to this change, GNOME users would have to manually add the gnome-keyring-service-type to their services to have a default login keyring created and unlocked at login time. Some applications depend on a default keyring being available, prompt repeatedly for it, which is confusing and doesn't match user expectations, given most distributions use the GNOME keyring pam module to unlock the login keyring by default. * doc/guix.texi (Desktop Services): Update doc. * gnu/services/desktop.scm (): Move above gnome-desktop-service-type, and streamline description. (pam-gnome-keyring): Return the empty list when CONFIG is #f. (gnome-desktop-configuration) [gnome-keyring-configuration]: New field. Change-Id: Ica26c1e1b85a038c1187edfb3ec3691fcd429641 --- doc/guix.texi | 12 +++- gnu/services/desktop.scm | 125 +++++++++++++++++++++++---------------- 2 files changed, 83 insertions(+), 54 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 6844470ce2..d5d08ece78 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -49,7 +49,7 @@ Copyright @copyright{} 2017, 2021 Christine Lemmer-Webber@* Copyright @copyright{} 2017, 2018, 2019, 2020, 2021, 2022 Marius Bakke@* Copyright @copyright{} 2017, 2019, 2020, 2022 Hartmut Goebel@* -Copyright @copyright{} 2017, 2019, 2020, 2021, 2022, 2023, 2024 Maxim Cournoyer@* +Copyright @copyright{} 2017, 2019--2025 Maxim Cournoyer@* Copyright @copyright{} 2017–2022 Tobias Geerinckx-Rice@* Copyright @copyright{} 2017 George Clemmer@* Copyright @copyright{} 2017 Andy Wingo@* @@ -25649,6 +25649,12 @@ Desktop Services package that should not be installed. By default, every polkit rule added by any package referenced in the other fields are installed. +@item @code{gnome-keyring-configuration} (type: gnome-keyring-configuration-or-#f) +A record used to better integrate the +GNOME keyring with the system. Refer to the documentation of the +@code{gnome-keyring-service-type} for more information. If you'd rather +avoid integrating the GNOME keyring, you can set this to @code{#f}. + @end table @end deftp @@ -26666,7 +26672,9 @@ Desktop Services @defvar gnome-keyring-service-type This is the type of the service that adds the @uref{https://wiki.gnome.org/Projects/GnomeKeyring, GNOME Keyring}. Its -value is a @code{gnome-keyring-configuration} object (see below). +value is a @code{gnome-keyring-configuration} object (see below). Note +that there is no need to use this service when using +@code{gnome-desktop-service-type}, which includes it. This service adds the @code{gnome-keyring} package to the system profile and extends PAM with entries using @code{pam_gnome_keyring.so}, unlocking diff --git a/gnu/services/desktop.scm b/gnu/services/desktop.scm index ee05bd98db..39a9da6384 100644 --- a/gnu/services/desktop.scm +++ b/gnu/services/desktop.scm @@ -154,6 +154,7 @@ (define-module (gnu services desktop) gnome-desktop-configuration-extra-packages gnome-desktop-configuration-polkit-ignorelist gnome-desktop-configuration-udev-ignorelist + gnome-desktop-configuration-gnome-keyring-configuration gnome-desktop-service gnome-desktop-service-type @@ -1471,6 +1472,65 @@ (define sane-service-type (service-extension account-service-type (const %sane-accounts)))))) + +;;; +;;; gnome-keyring-service-type +;;; + +(define-record-type* gnome-keyring-configuration + make-gnome-keyring-configuration + gnome-keyring-configuration? + (keyring gnome-keyring-package (default gnome-keyring)) + (pam-services gnome-keyring-pam-services (default '(("gdm-password" . login) + ("passwd" . passwd))))) + +(define (pam-gnome-keyring config) + ;; CONFIG may be either a or a + ;; > record, when using the + ;; gnome-keyring-service-type on its own. + (let ((config (if (gnome-desktop-configuration? config) + (gnome-desktop-configuration-gnome-keyring-configuration + config) + config))) + (match config + (#f '()) ;explicitly disabled by user + (_ + (define (%pam-keyring-entry . arguments) + (pam-entry + (control "optional") + (module (file-append (gnome-keyring-package config) + "/lib/security/pam_gnome_keyring.so")) + (arguments arguments))) + + (list + (pam-extension + (transformer + (lambda (service) + (case (assoc-ref (gnome-keyring-pam-services config) + (pam-service-name service)) + ((login) + (pam-service + (inherit service) + (auth (append (pam-service-auth service) + (list (%pam-keyring-entry)))) + (session (append (pam-service-session service) + (list (%pam-keyring-entry "auto_start")))))) + ((passwd) + (pam-service + (inherit service) + (password (append (pam-service-password service) + (list (%pam-keyring-entry)))))) + (else service)))))))))) + +(define gnome-keyring-service-type + (service-type + (name 'gnome-keyring) + (extensions (list + (service-extension pam-root-service-type pam-gnome-keyring))) + (default-value (gnome-keyring-configuration)) + (description "Return a service, that extends PAM with entries using +@code{pam_gnome_keyring.so}, unlocking a user's login keyring when they log in +or setting its password with passwd."))) ;;; @@ -1479,6 +1539,10 @@ (define sane-service-type (define-maybe/no-serialization package) +(define (gnome-keyring-configuration-or-#f? value) + (or (gnome-keyring-configuration? value) + (not value))) + (define (extract-propagated-inputs package) ;; Drop input labels. Attempt to support outputs. (map @@ -1515,7 +1579,13 @@ (define-configuration/no-serialization gnome-desktop-configuration (list-of-strings '()) "A list of regular expressions denoting polkit rules provided by any package that should not be installed. By default, every polkit rule added by any package -referenced in the other fields are installed.")) +referenced in the other fields are installed.") + (gnome-keyring-configuration + (gnome-keyring-configuration-or-#f (gnome-keyring-configuration)) + "A record used to better integrate the GNOME +keyring with the system. Refer to the documentation of the +@code{gnome-keyring-service-type} for more information. If you'd rather avoid +integrating the GNOME keyring, you can set this to @code{#f}.")) (define (gnome-package gnome name) "Return the package NAME among the GNOME package inputs. NAME can be a @@ -1636,6 +1706,8 @@ (define gnome-desktop-service-type (extensions (list (service-extension udev-service-type gnome-udev-configuration-files) + (service-extension pam-root-service-type + pam-gnome-keyring) (service-extension polkit-service-type gnome-polkit-settings) (service-extension privileged-program-service-type @@ -1972,57 +2044,6 @@ (define inputattach-service-type (description "Return a service that runs inputattach on a device and dispatches events from it."))) - -;;; -;;; gnome-keyring-service-type -;;; - -(define-record-type* gnome-keyring-configuration - make-gnome-keyring-configuration - gnome-keyring-configuration? - (keyring gnome-keyring-package (default gnome-keyring)) - (pam-services gnome-keyring-pam-services (default '(("gdm-password" . login) - ("passwd" . passwd))))) - -(define (pam-gnome-keyring config) - (define (%pam-keyring-entry . arguments) - (pam-entry - (control "optional") - (module (file-append (gnome-keyring-package config) - "/lib/security/pam_gnome_keyring.so")) - (arguments arguments))) - - (list - (pam-extension - (transformer - (lambda (service) - (case (assoc-ref (gnome-keyring-pam-services config) - (pam-service-name service)) - ((login) - (pam-service - (inherit service) - (auth (append (pam-service-auth service) - (list (%pam-keyring-entry)))) - (session (append (pam-service-session service) - (list (%pam-keyring-entry "auto_start")))))) - ((passwd) - (pam-service - (inherit service) - (password (append (pam-service-password service) - (list (%pam-keyring-entry)))))) - (else service))))))) - -(define gnome-keyring-service-type - (service-type - (name 'gnome-keyring) - (extensions (list - (service-extension pam-root-service-type pam-gnome-keyring))) - (default-value (gnome-keyring-configuration)) - (description "Return a service, that adds the @code{gnome-keyring} package -to the system profile and extends PAM with entries using -@code{pam_gnome_keyring.so}, unlocking a user's login keyring when they log in -or setting its password with passwd."))) - ;;; ;;; polkit-wheel-service -- Allow wheel group to perform admin actions base-commit: 1f26b0eec83b5dc949900a743ed01088cb093c65 -- 2.48.1 ------------=_1741504743-14552-1--