parent
3962ec068f
commit
1a29fcae69
@ -0,0 +1,34 @@ |
||||
{ config, lib, ... }: |
||||
|
||||
let |
||||
inherit (lib) mkOption mkIf types mapAttrsToList; |
||||
cfg = config.programs.dconf; |
||||
|
||||
mkDconfProfile = name: path: |
||||
{ source = path; target = "dconf/profile/${name}"; }; |
||||
|
||||
in |
||||
{ |
||||
###### interface |
||||
|
||||
options = { |
||||
programs.dconf = { |
||||
|
||||
profiles = mkOption { |
||||
type = types.attrsOf types.path; |
||||
default = {}; |
||||
description = "Set of dconf profile files."; |
||||
internal = true; |
||||
}; |
||||
|
||||
}; |
||||
}; |
||||
|
||||
###### implementation |
||||
|
||||
config = mkIf (cfg.profiles != {}) { |
||||
environment.etc = |
||||
(mapAttrsToList mkDconfProfile cfg.profiles); |
||||
}; |
||||
|
||||
} |
@ -0,0 +1,151 @@ |
||||
{ config, lib, pkgs, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
|
||||
cfg = config.services.xserver.displayManager; |
||||
gdm = pkgs.gnome3_12.gdm; # gdm 3.10 not supported |
||||
gnome3 = config.environment.gnome3.packageSet; |
||||
|
||||
in |
||||
|
||||
{ |
||||
|
||||
###### interface |
||||
|
||||
options = { |
||||
|
||||
services.xserver.displayManager.gdm = { |
||||
|
||||
enable = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
example = true; |
||||
description = '' |
||||
Whether to enable GDM as the display manager. |
||||
<emphasis>GDM is very experimental and may render system unusable.</emphasis> |
||||
''; |
||||
}; |
||||
|
||||
}; |
||||
|
||||
}; |
||||
|
||||
|
||||
###### implementation |
||||
|
||||
config = mkIf cfg.gdm.enable { |
||||
|
||||
services.xserver.displayManager.slim.enable = false; |
||||
|
||||
users.extraUsers.gdm = |
||||
{ name = "gdm"; |
||||
uid = config.ids.uids.gdm; |
||||
group = "gdm"; |
||||
home = "/run/gdm"; |
||||
description = "GDM user"; |
||||
}; |
||||
|
||||
users.extraGroups.gdm.gid = config.ids.gids.gdm; |
||||
|
||||
services.xserver.displayManager.job = |
||||
{ |
||||
environment = { |
||||
GDM_X_SERVER = "${cfg.xserverBin} ${cfg.xserverArgs}"; |
||||
GDM_SESSIONS_DIR = "${cfg.session.desktops}"; |
||||
XDG_CONFIG_DIRS = "${gnome3.gnome_settings_daemon}/etc/xdg"; |
||||
}; |
||||
execCmd = "exec ${gdm}/sbin/gdm"; |
||||
}; |
||||
|
||||
# Because sd_login_monitor_new requires /run/systemd/machines |
||||
systemd.services.display-manager.wants = [ "systemd-machined.service" ]; |
||||
systemd.services.display-manager.after = [ "systemd-machined.service" ]; |
||||
|
||||
systemd.services.display-manager.path = [ gnome3.gnome_shell gnome3.caribou ]; |
||||
|
||||
services.dbus.packages = [ gdm ]; |
||||
|
||||
programs.dconf.profiles.gdm = "${gdm}/share/dconf/profile/gdm"; |
||||
|
||||
# GDM LFS PAM modules, adapted somehow to NixOS |
||||
security.pam.services = { |
||||
gdm-launch-environment.text = '' |
||||
auth required pam_succeed_if.so audit quiet_success user = gdm |
||||
auth optional pam_permit.so |
||||
|
||||
account required pam_succeed_if.so audit quiet_success user = gdm |
||||
account sufficient pam_unix.so |
||||
|
||||
password required pam_deny.so |
||||
|
||||
session required pam_succeed_if.so audit quiet_success user = gdm |
||||
session required pam_env.so envfile=${config.system.build.pamEnvironment} |
||||
session optional ${pkgs.systemd}/lib/security/pam_systemd.so |
||||
session optional pam_keyinit.so force revoke |
||||
session optional pam_permit.so |
||||
''; |
||||
|
||||
gdm.text = '' |
||||
auth requisite pam_nologin.so |
||||
auth required pam_env.so |
||||
|
||||
auth required pam_succeed_if.so uid >= 1000 quiet |
||||
auth optional ${gnome3.gnome_keyring}/lib/security/pam_gnome_keyring.so |
||||
auth sufficient pam_unix.so nullok likeauth |
||||
auth required pam_deny.so |
||||
|
||||
account sufficient pam_unix.so |
||||
|
||||
password requisite pam_unix.so nullok sha512 |
||||
|
||||
session required pam_env.so envfile=${config.system.build.pamEnvironment} |
||||
session required pam_unix.so |
||||
session required pam_loginuid.so |
||||
session optional ${pkgs.systemd}/lib/security/pam_systemd.so |
||||
session optional ${gnome3.gnome_keyring}/lib/security/pam_gnome_keyring.so auto_start |
||||
''; |
||||
|
||||
gdm-password.text = '' |
||||
auth requisite pam_nologin.so |
||||
auth required pam_env.so envfile=${config.system.build.pamEnvironment} |
||||
|
||||
auth required pam_succeed_if.so uid >= 1000 quiet |
||||
auth optional ${gnome3.gnome_keyring}/lib/security/pam_gnome_keyring.so |
||||
auth sufficient pam_unix.so nullok likeauth |
||||
auth required pam_deny.so |
||||
|
||||
account sufficient pam_unix.so |
||||
|
||||
password requisite pam_unix.so nullok sha512 |
||||
|
||||
session required pam_env.so envfile=${config.system.build.pamEnvironment} |
||||
session required pam_unix.so |
||||
session required pam_loginuid.so |
||||
session optional ${pkgs.systemd}/lib/security/pam_systemd.so |
||||
session optional ${gnome3.gnome_keyring}/lib/security/pam_gnome_keyring.so auto_start |
||||
''; |
||||
|
||||
gdm-autologin.text = '' |
||||
auth requisite pam_nologin.so |
||||
|
||||
auth required pam_succeed_if.so uid >= 1000 quiet |
||||
auth required pam_permit.so |
||||
|
||||
account sufficient pam_unix.so |
||||
|
||||
password requisite pam_unix.so nullok sha512 |
||||
|
||||
session optional pam_keyinit.so revoke |
||||
session required pam_env.so envfile=${config.system.build.pamEnvironment} |
||||
session required pam_unix.so |
||||
session required pam_loginuid.so |
||||
session optional ${pkgs.systemd}/lib/security/pam_systemd.so |
||||
''; |
||||
|
||||
}; |
||||
|
||||
}; |
||||
|
||||
} |
@ -0,0 +1,18 @@ |
||||
diff --git a/daemon/gdm-slave.c b/daemon/gdm-slave.c
|
||||
index 1afe48e..e3d1ec2 100644
|
||||
--- a/daemon/gdm-slave.c
|
||||
+++ b/daemon/gdm-slave.c
|
||||
@@ -291,9 +291,10 @@ gdm_slave_connect_to_x11_display (GdmSlave *slave)
|
||||
|
||||
gdm_error_trap_push ();
|
||||
|
||||
- for (i = 0; i < G_N_ELEMENTS (host_entries); i++) {
|
||||
+ /*for (i = 0; i < G_N_ELEMENTS (host_entries); i++) {
|
||||
XAddHost (slave->priv->server_display, &host_entries[i]);
|
||||
- }
|
||||
+ }*/
|
||||
+ XDisableAccessControl(slave->priv->server_display);
|
||||
|
||||
XSync (slave->priv->server_display, False);
|
||||
if (gdm_error_trap_pop ()) {
|
||||
|
@ -0,0 +1,26 @@ |
||||
--- a/daemon/gdm-launch-environment.c 2014-08-03 12:05:39.380178964 +0200
|
||||
+++ b/daemon/gdm-launch-environment.c 2014-08-03 12:08:26.570182517 +0200
|
||||
@@ -224,6 +224,7 @@
|
||||
NULL
|
||||
};
|
||||
char *system_data_dirs;
|
||||
+ char *system_config_dirs;
|
||||
int i;
|
||||
|
||||
load_lang_config_file (LANG_CONFIG_FILE,
|
||||
@@ -251,6 +252,15 @@
|
||||
system_data_dirs));
|
||||
g_free (system_data_dirs);
|
||||
|
||||
+ system_config_dirs = g_strjoinv (":", (char **) g_get_system_config_dirs ());
|
||||
+
|
||||
+ g_hash_table_insert (hash,
|
||||
+ g_strdup ("XDG_CONFIG_DIRS"),
|
||||
+ g_strdup_printf ("%s",
|
||||
+ system_config_dirs));
|
||||
+ g_free (system_config_dirs);
|
||||
+
|
||||
+
|
||||
g_hash_table_insert (hash, g_strdup ("XAUTHORITY"), g_strdup (launch_environment->priv->x11_authority_file));
|
||||
|
||||
g_hash_table_insert (hash, g_strdup ("LOGNAME"), g_strdup (launch_environment->priv->user_name));
|
@ -0,0 +1,17 @@ |
||||
diff --git a/daemon/gdm-session.c b/daemon/gdm-session.c
|
||||
index f759d2d..d154716 100644
|
||||
--- a/daemon/gdm-session.c
|
||||
+++ b/daemon/gdm-session.c
|
||||
@@ -373,9 +373,12 @@ get_system_session_dirs (void)
|
||||
#ifdef ENABLE_WAYLAND_SUPPORT
|
||||
DATADIR "/wayland-sessions/",
|
||||
#endif
|
||||
+ NULL,
|
||||
NULL
|
||||
};
|
||||
|
||||
+ search_dirs[4] = getenv("GDM_SESSIONS_DIR") != NULL ? getenv("GDM_SESSIONS_DIR") : NULL;
|
||||
+
|
||||
return search_dirs;
|
||||
}
|
||||
|
@ -0,0 +1,15 @@ |
||||
--- a/daemon/gdm-server.c 2014-07-30 23:00:17.786841724 +0200
|
||||
+++ b/daemon/gdm-server.c 2014-07-30 23:02:10.491239180 +0200
|
||||
@@ -322,7 +322,11 @@
|
||||
fallback:
|
||||
#endif
|
||||
|
||||
- server->priv->command = g_strdup_printf (X_SERVER X_SERVER_ARG_FORMAT, verbosity, debug_options);
|
||||
+ if (g_getenv("GDM_X_SERVER") != NULL) {
|
||||
+ server->priv->command = g_strdup (g_getenv("GDM_X_SERVER"));
|
||||
+ } else {
|
||||
+ server->priv->command = g_strdup_printf (X_SERVER X_SERVER_ARG_FORMAT, verbosity, debug_options);
|
||||
+ }
|
||||
}
|
||||
|
||||
static gboolean
|
Loading…
Reference in new issue