~ruther/guix-local: system: Add the 'system?' field for user groups.

5 files changed, 37 insertions(+), 23 deletions(-)

M doc/guix.texi
M gnu/system.scm
M gnu/system/file-systems.scm
M gnu/system/shadow.scm
M guix/build/activation.scm

M doc/guix.texi => doc/guix.texi +4 -0

@@ 3201,6 3201,10 @@ The group's name.
 The group identifier (a number).  If @code{#f}, a new number is
 automatically allocated when the group is created.
 
+@item @code{system?} (default: @code{#f})
+This Boolean value indicates whether the group is a ``system'' group.
+System groups have low numerical IDs.
+
 @item @code{password} (default: @code{#f})
 What, user groups can have a password?  Well, apparently yes.  Unless
 @code{#f}, this field specifies the group's password.

M gnu/system.scm => gnu/system.scm +2 -1

@@ 363,7 363,8 @@ alias ll='ls -l'
 'active-groups'."
   #~(list #$(user-group-name group)
           #$(user-group-password group)
-          #$(user-group-id group)))
+          #$(user-group-id group)
+          #$(user-group-system? group)))
 
 (define (user-account->gexp account)
   "Turn ACCOUNT, a <user-account> object, into a list-valued gexp suitable for

M gnu/system/file-systems.scm => gnu/system/file-systems.scm +1 -1

@@ 95,7 95,7 @@
 (define %tty-gid
   ;; ID of the 'tty' group.  Allocate it statically to make it easy to refer
   ;; to it from here and from the 'tty' group definitions.
-  1004)
+  996)
 
 (define %pseudo-terminal-file-system
   ;; The pseudo-terminal file system.  It needs to be mounted so that

M gnu/system/shadow.scm => gnu/system/shadow.scm +24 -18

@@ 43,6 43,7 @@
             user-group-name
             user-group-password
             user-group-id
+            user-group-system?
 
             default-skeletons
             skeleton-directory


@@ 75,28 76,33 @@
   user-group?
   (name           user-group-name)
   (password       user-group-password (default #f))
-  (id             user-group-id (default #f)))
+  (id             user-group-id (default #f))
+  (system?        user-group-system?              ; Boolean
+                  (default #f)))
 
 (define %base-groups
   ;; Default set of groups.
-  (list (user-group (name "root") (id 0))
-        (user-group (name "wheel"))               ; root-like users
-        (user-group (name "users"))               ; normal users
-        (user-group (name "nogroup"))             ; for daemons etc.
+  (let-syntax ((system-group (syntax-rules ()
+                               ((_ args ...)
+                                (user-group (system? #t) args ...)))))
+    (list (system-group (name "root") (id 0))
+          (system-group (name "wheel"))              ; root-like users
+          (system-group (name "users"))              ; normal users
+          (system-group (name "nogroup"))            ; for daemons etc.
 
-        ;; The following groups are conventionally used by things like udev to
-        ;; control access to hardware devices.
-        (user-group (name "tty") (id %tty-gid))
-        (user-group (name "dialout"))
-        (user-group (name "kmem"))
-        (user-group (name "video"))
-        (user-group (name "audio"))
-        (user-group (name "netdev"))              ; used in avahi-dbus.conf
-        (user-group (name "lp"))
-        (user-group (name "disk"))
-        (user-group (name "floppy"))
-        (user-group (name "cdrom"))
-        (user-group (name "tape"))))
+          ;; The following groups are conventionally used by things like udev to
+          ;; control access to hardware devices.
+          (system-group (name "tty") (id %tty-gid))
+          (system-group (name "dialout"))
+          (system-group (name "kmem"))
+          (system-group (name "video"))
+          (system-group (name "audio"))
+          (system-group (name "netdev"))             ; used in avahi-dbus.conf
+          (system-group (name "lp"))
+          (system-group (name "disk"))
+          (system-group (name "floppy"))
+          (system-group (name "cdrom"))
+          (system-group (name "tape")))))
 
 (define (default-skeletons)
   "Return the default skeleton files for /etc/skel.  These files are copied by

M guix/build/activation.scm => guix/build/activation.scm +6 -3

@@ 36,13 36,14 @@
 ;;;
 ;;; Code:
 
-(define* (add-group name #:key gid password
+(define* (add-group name #:key gid password system?
                     (log-port (current-error-port)))
   "Add NAME as a user group, with the given numeric GID if specified."
   ;; Use 'groupadd' from the Shadow package.
   (format log-port "adding group '~a'...~%" name)
   (let ((args `(,@(if gid `("-g" ,(number->string gid)) '())
                 ,@(if password `("-p" ,password) '())
+                ,@(if system? `("--system") '())
                 ,name)))
     (zero? (apply system* "groupadd" args))))
 


@@ 128,9 129,11 @@ numeric gid or #f."
 
   ;; Then create the groups.
   (for-each (match-lambda
-             ((name password gid)
+             ((name password gid system?)
               (unless (false-if-exception (getgrnam name))
-                (add-group name #:gid gid #:password password))))
+                (add-group name
+                           #:gid gid #:password password
+                           #:system? system?))))
             groups)
 
   ;; Finally create the other user accounts.