Changed to sddm, and made sssd recognize groups properly

2023-12-05 21:30:07 -07:00 · 2023-12-05 21:30:07 -07:00 · 508e6023e2
parent 99904ae91b
commit 508e6023e2
2 changed files with 14 additions and 10 deletions
--- a/metznet/services/sssd.scm
+++ b/metznet/services/sssd.scm
@ -26,10 +26,13 @@
                     (if val "True" "False"))))

 (define-configuration sssd-domain-configuration
+  (debug_level maybe-string "debug level")
  (id_provider maybe-string "id provider")
  (auth_provider maybe-string "auth provider")
  (cache_credentials maybe-boolean "cache credentials")
  (ldap_uri maybe-string "ldap server uri")
+  (ldap_group_member maybe-string "group member attribute")
+  (ldap_group_object_class maybe-string "group object class")
  (ldap_tls_reqcert maybe-string "tls_reqcert")
  (ldap_tls_cacertdir maybe-string "ca certificate directory")
  (ldap_search_base maybe-string "base dn for search")
@ -66,7 +69,7 @@

 (define-configuration sssd-configuration
  (sssd (file-like sssd) "sssd package to use")
-  (pam-services (list-of-strings (list "su" "gdm-password" "login" "sshd"
+  (pam-services (list-of-strings (list "su" "sddm" "login" "sshd"
                                       "passwd"))
                "list of pam services to configure login for"
                (lambda (a b)
--- a/metznet/system/base-system.scm
+++ b/metznet/system/base-system.scm
@ -15,6 +15,8 @@
  #:use-module (gnu services kerberos)
  #:use-module (metznet services sssd)
  #:use-module (gnu services base)
+  #:use-module (gnu services sddm)
+  #:use-module (gnu services xorg)
  #:use-module (gnu services)
  #:use-module (gnu services desktop)
  #:use-module (gnu services networking)
@ -174,7 +176,7 @@
                                                    "user shells to link")
                                       (pam-services (list-of-strings (list
                                                                       "su"
-                                                                       "gdm-password"
+                                                                       "sddm"
                                                                       "login"
                                                                       "sshd"
                                                                       "passwd"))
@ -232,10 +234,15 @@
  (sssd-configuration (domains (list (cons "metznet.ca"
                                           (sssd-domain-configuration (id_provider
                                                                       "ldap")
+                                                                      (debug_level "10")
                                                                      (auth_provider
                                                                       "ldap")
                                                                      (cache_credentials
                                                                       #t)
+                                                                      (ldap_group_member
+                                                                        "member")
+                                                                      (ldap_group_object_class
+                                                                        "posixGroupAux")
                                                                      (ldap_uri
                                                                       "ldaps://ldap.metznet.ca")
                                                                      (ldap_tls_reqcert
@ -342,16 +349,10 @@
                                      %nscd-default-caches))))

 (define %metznet-desktop-services
-  (append %metznet-services
+  (append %metznet-services (list (service sddm-service-type (sddm-configuration)))
          (modify-services %desktop-services
+            (delete gdm-service-type)
            (nscd-service-type config => %metznet-nscd-configuration)
-            (udev-service-type config =>
-                               (udev-configuration (inherit config)
-                                                   (rules (append (list
-                                                                   %tun-udev-rule
-                                                                   %backlight-udev-rule)
-                                                                  (udev-configuration-rules
-                                                                   config)))))
            (network-manager-service-type config =>
                                          (network-manager-configuration (inherit
                                                                          config)