Commit graph

10 commits

Author SHA1 Message Date
Ludovic Courtès
8b8ab17561
accounts: Fix typo in comment.
* gnu/build/accounts.scm (passwd->shadow): Fix typo in comment.
2023-10-12 18:53:06 +02:00
Ludovic Courtès
002c5bec07
accounts: Ensure ‘last-change’ field of shadow entries is never zero.
* gnu/build/accounts.scm (passwd->shadow): Add ‘max’ call so NOW is
greater than or equal to 1.
2023-10-08 23:43:49 +02:00
Ludovic Courtès
671e6a8180
system: Allow 'chfn' to change the user's full name.
Fixes <https://issues.guix.gnu.org/52539>.
Reported by Jacob First <jacob.first@member.fsf.org>.

* gnu/build/accounts.scm (allocate-passwd): Add comment as to why
'real-name' is taken from PREVIOUS.  Add (not system?) to the
condition.
* gnu/system.scm (operating-system-etc-service) <login.defs>: Add
"CHFN_RESTRICT".
* gnu/system.scm (%setuid-programs): Add "chfn".
* gnu/system/pam.scm (base-pam-services): Add "chfn".
* doc/guix.texi (User Accounts): Document it.
2022-01-01 15:10:12 +01:00
Ludovic Courtès
dd4e46edda
accounts: Delete duplicate entries.
When adding multiple instances of a service requiring some user
account/group, we could end up with multiple entries for that account or
group in /etc/passwd or /etc/group.

* gnu/build/accounts.scm (database-writer)[write-entries]: Add call to
'delete-duplicates'.
* tests/accounts.scm ("write-passwd with duplicate entry"): New test.
2019-08-28 00:27:14 +02:00
Ludovic Courtès
c25b44d640
accounts: Use 'fsync' instead of 'fdatasync'.
* gnu/build/accounts.scm (catch-ENOSYS): Remove.
(database-writer): Use 'fsync' instead of 'fdatasync'.
2019-06-27 11:14:40 +02:00
Ludovic Courtès
d088d5c484
accounts: Call 'fdatasync' when writing databases.
* gnu/build/accounts.scm (catch-ENOSYS): New macro.
(database-writer): Call 'fdatasync'.
2019-06-05 23:10:37 +02:00
Ludovic Courtès
ed8570dce3
accounts: Close database before renaming it.
Fixes <https://bugs.gnu.org/35996>.
Reported by Florian Pelz <pelzflorian@pelzflorian.de>.

* gnu/build/accounts.scm (database-writer): Move 'close-port' call
before 'rename-file'.
2019-06-05 23:10:37 +02:00
Ludovic Courtès
d497b6ab39
activation: Lock /etc/.pwd.lock before accessing databases.
Suggested by Florian Pelz <pelzflorian@pelzflorian.de>
in <http://bugs.gnu.org/35996>.

* gnu/build/accounts.scm (%password-lock-file): New variable.
* gnu/build/activation.scm (activate-users+groups): Wrap calls to
'user+group-databases', 'write-group', etc. into 'with-file-lock'.
2019-06-05 23:10:36 +02:00
Ludovic Courtès
504a0fc636
accounts: Always honor the configured user account shell.
Starting from commit 0ae735bcc8, Guix
System would preserve the user shell across reconfigure and reboot.
This was done so as to allow for the use of 'chsh'.

This proved to be a misguided decision.  This commit goes back to
considering user shells as config and not "state."

* gnu/build/accounts.scm (allocate-passwd): Do not use shell from
PREVIOUS.
2019-04-26 14:19:36 +02:00
Ludovic Courtès
ec600e4544
Add (gnu build accounts).
* gnu/build/accounts.scm, tests/accounts.scm: New files.
* Makefile.am (SCM_TESTS): Add tests/accounts.scm.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add build/accounts.scm.
2019-03-07 20:05:09 +01:00