# NixOS module for D-Bus: generates the bus configuration and sets up the
# system-wide and per-user message bus daemons.

{ config, lib, options, pkgs, ... }:

let
  inherit (lib) mkIf mkOption optional showFiles types;

  cfg = config.services.dbus;

  # Generated configuration tree, published as /etc/dbus-1 below. Every entry
  # of `services.dbus.packages` is handed over as a service directory, so each
  # listed package can contribute bus policy and activatable services.
  dbusConf = pkgs.makeDBusConf {
    inherit (cfg) apparmor;
    serviceDirectories = cfg.packages;
    # Refers to the setuid wrapper declared under `security.wrappers` below,
    # not to the unwrapped helper inside the dbus package.
    suidHelper = "${config.security.wrapperDir}/dbus-daemon-launch-helper";
  };

  # Unit settings shared by the system and the user bus.
  # Don't restart dbus-daemon. Bad things tend to happen if we do; a changed
  # configuration therefore leads to a reload of the unit instead.
  reloadOnChange = {
    reloadIfChanged = true;
    restartTriggers = [ dbusConf ];
  };

in

{
  ###### interface

  options.services.dbus = {

    # Marked internal: the option is meant to be set by other modules.
    enable = mkOption {
      type = types.bool;
      default = false;
      internal = true;
      description = ''
        Whether to start the D-Bus message bus daemon, which is
        required by many other system services and applications.
      '';
    };

    # NOTE(review): the implementation below always adds `config.system.path`
    # to this list, so D-Bus policy and service files shipped by anything in
    # the system path are included as well. Treat those files as part of the
    # package's attack surface when adding system-wide packages.
    packages = mkOption {
      type = types.listOf types.path;
      default = [ ];
      description = ''
        Packages whose D-Bus configuration files should be included in
        the configuration of the D-Bus system-wide or session-wide
        message bus. Specifically, files in the following directories
        will be included into their respective DBus configuration paths:
        <filename><replaceable>pkg</replaceable>/etc/dbus-1/system.d</filename>
        <filename><replaceable>pkg</replaceable>/share/dbus-1/system.d</filename>
        <filename><replaceable>pkg</replaceable>/share/dbus-1/system-services</filename>
        <filename><replaceable>pkg</replaceable>/etc/dbus-1/session.d</filename>
        <filename><replaceable>pkg</replaceable>/share/dbus-1/session.d</filename>
        <filename><replaceable>pkg</replaceable>/share/dbus-1/services</filename>
      '';
    };

    # NOTE(review): the default is "disabled", i.e. no AppArmor mediation of
    # D-Bus even when the kernel supports it. Hosts that rely on AppArmor
    # confinement should set "enabled", or "required" to fail closed.
    apparmor = mkOption {
      type = types.enum [ "enabled" "disabled" "required" ];
      default = "disabled";
      description = ''
        AppArmor mode for dbus.

        <literal>enabled</literal> enables mediation when it's
        supported in the kernel, <literal>disabled</literal>
        always disables AppArmor even with kernel support, and
        <literal>required</literal> fails when AppArmor was not found
        in the kernel.
      '';
    };

    # Hidden leftover of a removed option: it is still declared so that
    # setting it produces the warning below.
    socketActivated = mkOption {
      type = types.nullOr types.bool;
      default = null;
      visible = false;
      description = ''
        Removed option, do not use.
      '';
    };
  };

  ###### implementation

  config = mkIf cfg.enable {
    # Tell users which files still set the removed option.
    warnings = optional (cfg.socketActivated != null) (
      "The option 'services.dbus.socketActivated' in "
      + showFiles options.services.dbus.socketActivated.files
      + " no longer has any effect and can be safely removed:"
      + " the user D-Bus session is now always socket activated."
    );

    environment = {
      systemPackages = [ pkgs.dbus.daemon pkgs.dbus ];
      etc."dbus-1".source = dbusConf;
      pathsToLink = [ "/etc/dbus-1" "/share/dbus-1" ];
    };

    # Dedicated account and group for the system bus daemon; the ids are the
    # fixed values registered in `config.ids`.
    users = {
      users.messagebus = {
        uid = config.ids.uids.messagebus;
        description = "D-Bus system message bus daemon user";
        home = "/run/dbus";
        group = "messagebus";
      };
      groups.messagebus.gid = config.ids.gids.messagebus;
    };

    # The launch helper is installed setuid root. Execute permission goes to
    # the owner and to group messagebus only ("o-rx"), so other local users
    # cannot run the privileged helper directly. Keep that restriction when
    # changing this block.
    security.wrappers.dbus-daemon-launch-helper = {
      source = "${pkgs.dbus.daemon}/libexec/dbus-daemon-launch-helper";
      owner = "root";
      group = "messagebus";
      setuid = true;
      setgid = false;
      permissions = "u+rx,g+rx,o-rx";
    };

    # Always scan dbus itself and the whole system path for D-Bus files.
    services.dbus.packages = [
      pkgs.dbus.out
      config.system.path
    ];

    systemd = {
      packages = [ pkgs.dbus.daemon ];

      services.dbus = reloadOnChange // {
        # Puts the configured NSS modules on the daemon's library path
        # (presumably so that its user and group lookups use them; confirm).
        environment = { LD_LIBRARY_PATH = config.system.nssModules.path; };
      };

      user = {
        services.dbus = reloadOnChange;
        sockets.dbus.wantedBy = [ "sockets.target" ];
      };
    };
  };
}