Changed to sddm, and made sssd recognize groups properly

noah metz 2023-12-05 21:30:07 -07:00
parent 99904ae91b
commit 508e6023e2
2 changed files with 14 additions and 10 deletions

@ -26,10 +26,13 @@
(if val "True" "False")))) (if val "True" "False"))))
(define-configuration sssd-domain-configuration (define-configuration sssd-domain-configuration
(debug_level maybe-string "debug level")
(id_provider maybe-string "id provider") (id_provider maybe-string "id provider")
(auth_provider maybe-string "auth provider") (auth_provider maybe-string "auth provider")
(cache_credentials maybe-boolean "cache credentials") (cache_credentials maybe-boolean "cache credentials")
(ldap_uri maybe-string "ldap server uri") (ldap_uri maybe-string "ldap server uri")
(ldap_group_member maybe-string "group member attribute")
(ldap_group_object_class maybe-string "group object class")
(ldap_tls_reqcert maybe-string "tls_reqcert") (ldap_tls_reqcert maybe-string "tls_reqcert")
(ldap_tls_cacertdir maybe-string "ca certificate directory") (ldap_tls_cacertdir maybe-string "ca certificate directory")
(ldap_search_base maybe-string "base dn for search") (ldap_search_base maybe-string "base dn for search")
@ -66,7 +69,7 @@
(define-configuration sssd-configuration (define-configuration sssd-configuration
(sssd (file-like sssd) "sssd package to use") (sssd (file-like sssd) "sssd package to use")
(pam-services (list-of-strings (list "su" "gdm-password" "login" "sshd" (pam-services (list-of-strings (list "su" "sddm" "login" "sshd"
"passwd")) "passwd"))
"list of pam services to configure login for" "list of pam services to configure login for"
(lambda (a b) (lambda (a b)
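Review bot: The default `pam-services` list in `sssd-configuration` (`"su" "sddm" "login" "sshd" "passwd"`) appears to be written out a second time in the other file this commit touches, and both copies had to be edited by hand to swap `gdm-password` for `sddm`. If the two lists drift, a login path could end up without the sssd PAM entry and nothing would flag it. I would define the list once in this module, for example `(define %sssd-default-pam-services (list "su" "sddm" "login" "sshd" "passwd"))`, and reference it from both places. The new `debug_level`, `ldap_group_member` and `ldap_group_object_class` fields would also read better with doc strings that name the sssd.conf option and its accepted values. Both `define-configuration` forms continue outside the hunks shown.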

@ -15,6 +15,8 @@
#:use-module (gnu services kerberos) #:use-module (gnu services kerberos)
#:use-module (metznet services sssd) #:use-module (metznet services sssd)
#:use-module (gnu services base) #:use-module (gnu services base)
#:use-module (gnu services sddm)
#:use-module (gnu services xorg)
#:use-module (gnu services) #:use-module (gnu services)
#:use-module (gnu services desktop) #:use-module (gnu services desktop)
#:use-module (gnu services networking) #:use-module (gnu services networking)
@ -174,7 +176,7 @@
"user shells to link") "user shells to link")
(pam-services (list-of-strings (list (pam-services (list-of-strings (list
"su" "su"
"gdm-password" "sddm"
"login" "login"
"sshd" "sshd"
"passwd")) "passwd"))
@ -232,10 +234,15 @@
(sssd-configuration (domains (list (cons "metznet.ca" (sssd-configuration (domains (list (cons "metznet.ca"
(sssd-domain-configuration (id_provider (sssd-domain-configuration (id_provider
"ldap") "ldap")
(debug_level "10")
(auth_provider (auth_provider
"ldap") "ldap")
(cache_credentials (cache_credentials
#t) #t)
(ldap_group_member
"member")
(ldap_group_object_class
"posixGroupAux")
(ldap_uri (ldap_uri
"ldaps://ldap.metznet.ca") "ldaps://ldap.metznet.ca")
(ldap_tls_reqcert (ldap_tls_reqcert
@ -342,16 +349,10 @@
%nscd-default-caches)))) %nscd-default-caches))))
(define %metznet-desktop-services (define %metznet-desktop-services
(append %metznet-services (append %metznet-services (list (service sddm-service-type (sddm-configuration)))
(modify-services %desktop-services (modify-services %desktop-services
(delete gdm-service-type)
(nscd-service-type config => %metznet-nscd-configuration) (nscd-service-type config => %metznet-nscd-configuration)
(udev-service-type config =>
(udev-configuration (inherit config)
(rules (append (list
%tun-udev-rule
%backlight-udev-rule)
(udev-configuration-rules
config)))))
(network-manager-service-type config => (network-manager-service-type config =>
(network-manager-configuration (inherit (network-manager-configuration (inherit
config) config)
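Review bot: `(debug_level "10")` in the `metznet.ca` domain block is committed as a permanent setting, but it reads like a troubleshooting value left over from working out the group lookup. The sssd.conf man page gives the plain decimal levels as 0–9, so it is worth checking how sssd interprets "10". At the highest levels sssd logs in enough detail that directory and authentication activity lands in the log files of every machine using this configuration. I would drop the field once the `ldap_group_member` / `ldap_group_object_class` change is confirmed, or keep it with a comment such as `;; temporary: remove once group lookup is verified`. The surrounding `sssd-configuration` and `modify-services` forms continue outside the hunks shown.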