path: root/nixos/modules/services/system/dbus.nix
# D-Bus configuration and system bus daemon.

{ config, lib, pkgs, ... }:

with lib;

let

  # Shorthand for this module's own option values (services.dbus.*).
  cfg = config.services.dbus;

  # Home directory given to the messagebus system user declared in the
  # implementation section of this module.
  homeDir = "/var/run/dbus";

  # XML fragment that replaces @extra@ in the system bus configuration: one
  # <servicedir> and one <includedir> element per entry of cfg.packages, in
  # list order. The paths are inserted as-is, without XML or sed escaping.
  systemExtraxml = concatMapStrings (pkg:
    "<servicedir>${pkg}/share/dbus-1/system-services</servicedir>"
    + "<includedir>${pkg}/etc/dbus-1/system.d</includedir>"
  ) cfg.packages;

  # XML fragment that replaces @extra@ in the session bus configuration: one
  # <servicedir> and one <includedir> element per entry of cfg.packages, in
  # list order. The paths are inserted as-is, without XML or sed escaping.
  sessionExtraxml = concatMapStrings (pkg:
    "<servicedir>${pkg}/share/dbus-1/services</servicedir>"
    + "<includedir>${pkg}/etc/dbus-1/session.d</includedir>"
  ) cfg.packages;

  # Derivation whose output directory holds the generated system-local.conf
  # and session-local.conf. The implementation section installs it as
  # /etc/dbus-1 and uses it as the restart trigger of the dbus unit.
  configDir = pkgs.stdenv.mkDerivation {
    name = "dbus-conf";

    # Cheap text generation: prefer building on the local machine and do not
    # substitute the result from a binary cache.
    preferLocalBuild = true;
    allowSubstitutes = false;

    # Fills the two .conf.in templates with sed:
    #   @servicehelper@ -> dbus-daemon-launch-helper inside
    #                      config.security.permissionsWrapperDir (every
    #                      occurrence, because of the trailing 'g')
    #   @extra@         -> the <servicedir>/<includedir> fragment for the
    #                      respective bus (first occurrence on a line only)
    # NOTE(review): the substituted values are spliced verbatim into
    # single-quoted sed expressions that use ',' as the delimiter. An entry of
    # services.dbus.packages containing ',', '&', '\' or a single quote would
    # corrupt the sed expression or the generated XML; nothing here escapes or
    # rejects such paths. Confirm that callers only ever pass store paths.
    buildCommand = ''
      mkdir -p $out

      sed '${./dbus-system-local.conf.in}' \
        -e 's,@servicehelper@,${config.security.permissionsWrapperDir}/dbus-daemon-launch-helper,g' \
        -e 's,@extra@,${systemExtraxml},' \
        > "$out/system-local.conf"

      sed '${./dbus-session-local.conf.in}' \
        -e 's,@extra@,${sessionExtraxml},' \
        > "$out/session-local.conf"
    '';
  };

in

{

  ###### interface

  options = {

    services.dbus = {

      # Gates the whole implementation section of this module. Declared
      # internal, and false unless something sets it.
      enable = mkOption {
        type = types.bool;
        default = false;
        internal = true;
        description = ''
          Whether to start the D-Bus message bus daemon, which is
          required by many other system services and applications.
        '';
      };

      # Every entry contributes directories to BOTH generated bus
      # configurations (system and session).
      # Security-relevant: files under etc/dbus-1/system.d are included into
      # the system bus configuration, and share/dbus-1/system-services is
      # added as a service directory of the system bus, so only paths whose
      # contents are trusted belong in this list.
      packages = mkOption {
        type = types.listOf types.path;
        default = [ ];
        description = ''
          Packages whose D-Bus configuration files should be included in
          the configuration of the D-Bus system-wide or session-wide
          message bus.  Specifically, files in the following directories
          will be included into their respective DBus configuration paths:
          <filename><replaceable>pkg</replaceable>/etc/dbus-1/system.d</filename>
          <filename><replaceable>pkg</replaceable>/share/dbus-1/system-services</filename>
          <filename><replaceable>pkg</replaceable>/etc/dbus-1/session.d</filename>
          <filename><replaceable>pkg</replaceable>/share/dbus-1/services</filename>
        '';
      };

    };

  };


  ###### implementation

  # Everything below takes effect only when services.dbus.enable is true.
  config = mkIf cfg.enable {

    environment = {
      systemPackages = [ pkgs.dbus.daemon pkgs.dbus_tools ];

      # Install the generated configuration directory as /etc/dbus-1.
      etc = [
        { source = configDir;
          target = "dbus-1";
        }
      ];

      pathsToLink = [ "/etc/dbus-1" "/share/dbus-1" ];
    };

    # Dedicated account and group for the system bus daemon; the ids come
    # from the central config.ids tables.
    users = {
      extraUsers.messagebus = {
        uid = config.ids.uids.messagebus;
        description = "D-Bus system message bus daemon user";
        home = homeDir;
        group = "messagebus";
      };

      extraGroups.messagebus.gid = config.ids.gids.messagebus;
    };

    systemd = {
      packages = [ pkgs.dbus.daemon ];

      services.dbus = {
        # Don't restart dbus-daemon. Bad things tend to happen if we do.
        reloadIfChanged = true;

        restartTriggers = [ configDir ];
      };
    };

    # Setuid-root wrapper for the helper that @servicehelper@ in
    # system-local.conf points at. As declared here it is owned by root,
    # readable and executable by root and the messagebus group, and neither
    # readable nor executable by anyone else, so unprivileged users cannot run
    # the setuid binary directly. Loosening `permissions` or `group` widens
    # who can reach a root-owned setuid program.
    # NOTE(review): `source` uses pkgs.dbus_daemon while the rest of this
    # module uses pkgs.dbus.daemon; presumably the same package, but confirm.
    security.permissionsWrappers.setuid = [
      { program = "dbus-daemon-launch-helper";
        source = "${pkgs.dbus_daemon}/libexec/dbus-daemon-launch-helper";
        owner = "root";
        group = "messagebus";
        setuid = true;
        setgid = false;
        permissions = "u+rx,g+rx,o-rx";
      }
    ];

    # Default contributors to both bus configurations. config.system.path is
    # in the list, so D-Bus files found under it are picked up as well,
    # including etc/dbus-1/system.d and share/dbus-1/system-services.
    # Presumably that covers every package installed system-wide; review what
    # such packages ship for the system bus.
    services.dbus.packages = [
      pkgs.dbus.out
      config.system.path
    ];

  };

}