nixos/colord: don't run as root

Using systemd.packages because there's
a system colord service and colord-session user service
included.

2 files changed, 11 insertions, 9 deletions

diff --git a/nixos/modules/services/x11/colord.nix b/nixos/modules/services/x11/colord.nix
index d9e81d75072..17568df091d 100644
--- a/nixos/modules/services/x11/colord.nix
+++ b/nixos/modules/services/x11/colord.nix
@@ -18,22 +18,23 @@ in {
 
   config = mkIf cfg.enable {
 
+    environment.systemPackages = [ pkgs.colord ];
+
     services.dbus.packages = [ pkgs.colord ];
 
     services.udev.packages = [ pkgs.colord ];
 
-    environment.systemPackages = [ pkgs.colord ];
+    systemd.packages = [ pkgs.colord ];
 
-    systemd.services.colord = {
-      description = "Manage, Install and Generate Color Profiles";
-      serviceConfig = {
-        Type = "dbus";
-        BusName = "org.freedesktop.ColorManager";
-        ExecStart = "${pkgs.colord}/libexec/colord";
-        PrivateTmp = true;
-      };
+    environment.etc."tmpfiles.d/colord.conf".source = "${pkgs.colord}/lib/tmpfiles.d/colord.conf";
+
+    users.users.colord = {
+      home = "/var/lib/colord";
+      group = "colord";
     };
 
+    users.groups.colord = {};
+
   };
 
 }
diff --git a/pkgs/tools/misc/colord/default.nix b/pkgs/tools/misc/colord/default.nix
index e89f93a4a82..0719fb36164 100644
--- a/pkgs/tools/misc/colord/default.nix
+++ b/pkgs/tools/misc/colord/default.nix
@@ -56,6 +56,7 @@ stdenv.mkDerivation rec {
     "-Dlibcolordcompat=true"
     "-Dsane=true"
     "-Dvapi=true"
+    "-Ddaemon_user=colord"
   ];
 
   nativeBuildInputs = [