services: base: Deprecate 'pam-limits-service' procedure.

* doc/guix.texi (Base Services): Replace pam-limits-service with pam-limits-service-type.
* gnu/packages/benchmark.scm (python-locust)[description]: Update index anchor to manual.
* gnu/services/base.scm (pam-limits-service-type): Set default value.
(pam-limits-service): Deprecate procedure.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
Bruno Victal 2023-03-04 21:17:38 +00:00 committed by Ludovic Courtès
parent 59878230f4
commit ed50531885
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
3 changed files with 28 additions and 19 deletions

View file

@ -18959,7 +18959,6 @@ will fail if @var{device} does not exist.
@end table
@end deftp
@anchor{pam-limits-service}
@cindex session limits
@cindex ulimit
@cindex priority
@ -18967,22 +18966,28 @@ will fail if @var{device} does not exist.
@cindex jackd
@cindex nofile
@cindex open file descriptors
@deffn {Scheme Procedure} pam-limits-service [#:limits @code{'()}]
Return a service that installs a configuration file for the
@anchor{pam-limits-service-type}
@defvar pam-limits-service-type
Type of the service that installs a configuration file for the
@uref{http://linux-pam.org/Linux-PAM-html/sag-pam_limits.html,
@code{pam_limits} module}. The procedure optionally takes a list of
@code{pam-limits-entry} values, which can be used to specify
@code{ulimit} limits and @code{nice} priority limits to user sessions.
@code{pam_limits} module}. The value for this service type is
a file-like object containing a list of @code{pam-limits-entry} values
which can be used to specify @code{ulimit} limits and @code{nice}
priority limits to user sessions.
The following limits definition sets two hard and soft limits for all
login sessions of users in the @code{realtime} group:
@lisp
(pam-limits-service
(list
(pam-limits-entry "@@realtime" 'both 'rtprio 99)
(pam-limits-entry "@@realtime" 'both 'memlock 'unlimited)))
(service
pam-limits-service-type
(plain-file
"limits.conf"
(string-join
(map pam-limits-entry->string
(list (pam-limits-entry "@@realtime" 'both 'rtprio 99)
(pam-limits-entry "@@realtime" 'both 'memlock 'unlimited)))
"\n")))
@end lisp
The first entry increases the maximum realtime priority for
@ -18994,9 +18999,11 @@ Another useful example is raising the maximum number of open file
descriptors that can be used:
@lisp
(pam-limits-service
(list
(pam-limits-entry "*" 'both 'nofile 100000)))
(service
pam-limits-service-type
(plain-file
"limits.conf"
(pam-limits-entry->string (pam-limits-entry "*" 'both 'nofile 100000))))
@end lisp
In the above example, the asterisk means the limit should apply to any
@ -19005,7 +19012,7 @@ maximum system value visible in the @file{/proc/sys/fs/file-max} file,
else the users would be prevented from login in. For more information
about the Pluggable Authentication Module (PAM) limits, refer to the
@samp{pam_limits} man page from the @code{linux-pam} package.
@end deffn
@end defvar
@defvar greetd-service-type
@uref{https://git.sr.ht/~kennylevinsen/greetd, @code{greetd}} is a minimal and

View file

@ -458,7 +458,7 @@ (define-public python-locust
Note: Locust will complain if the available open file descriptors limit for
the user is too low. To raise such limit on a Guix System, refer to
@samp{info guix --index-search=pam-limits-service}.")
@samp{info guix --index-search=pam-limits-service-type}.")
(license license:expat)))
(define-public interbench

View file

@ -246,7 +246,7 @@ (define-module (gnu services base)
kmscon-service-type
pam-limits-service-type
pam-limits-service
pam-limits-service ; deprecated
greetd-service-type
greetd-configuration
@ -1616,9 +1616,11 @@ (module "pam_limits.so")
(description
"Install the specified resource usage limits by populating
@file{/etc/security/limits.conf} and using the @code{pam_limits}
authentication module."))))
authentication module.")
(default-value (plain-file "limits.conf" "")))))
(define* (pam-limits-service #:optional (limits '()))
(define-deprecated (pam-limits-service #:optional (limits '()))
pam-limits-service-type
"Return a service that makes selected programs respect the list of
pam-limits-entry specified in LIMITS via pam_limits.so."
(service pam-limits-service-type