~abcdw/rde-devel

Option to mount user file-systems with PAM mount v1 APPLIED

On 2025-01-04 19:25, Nicolas Graves wrote:

> This patch series provides the option to mount user-specific
> file-systems with PAM-mount rather than at boot.  In this
> configuration, they are mounted on login, and unmounted at logout.
>
> Nicolas Graves (2):
>   rde: system: Add preamble
>   rde: file-systems: Support pam-mounted file-systems
>
>  src/rde/features/system.scm | 55 +++++++++++++++++++++++++++++++++++--
>  1 file changed, 52 insertions(+), 3 deletions(-)

Hi Nicolas,

Thank you for the patch series, looks good to me, merged.

-- 
Best regards,
Andrew Tropin

[PATCH 1/2] rde: system: Add preamble

---
 src/rde/features/system.scm | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/rde/features/system.scm b/src/rde/features/system.scm
index defbeaec..b6fae8b9 100644
--- a/src/rde/features/system.scm
+++ b/src/rde/features/system.scm
@@ -1,3 +1,22 @@
;;; rde --- Reproducible development environment.
;;;
;;; Copyright © 2021, 2024 Andrew Tropin <andrew@trop.in>
;;;
;;; This file is part of rde.
;;;
;;; rde is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; rde is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with rde.  If not, see <http://www.gnu.org/licenses/>.

(define-module (rde features system)
  #:use-module (rde features)
  #:use-module (rde features predicates)
-- 
2.47.1

[PATCH 2/2] rde: file-systems: Support pam-mounted file-systems

---
 src/rde/features/system.scm | 36 +++++++++++++++++++++++++++++++++---
 1 file changed, 33 insertions(+), 3 deletions(-)

diff --git a/src/rde/features/system.scm b/src/rde/features/system.scm
index b6fae8b9..46250dee 100644
--- a/src/rde/features/system.scm
+++ b/src/rde/features/system.scm
@@ -1,6 +1,7 @@
;;; rde --- Reproducible development environment.
;;;
;;; Copyright © 2021, 2024 Andrew Tropin <andrew@trop.in>
;;; Copyright © 2025 Nicolas Graves <ngraves@ngraves.fr>
;;;
;;; This file is part of rde.
;;;
@@ -24,11 +25,14 @@
  #:use-module (gnu bootloader)
  #:use-module (gnu bootloader grub)
  #:use-module (gnu packages linux)
  #:use-module (gnu services)
  #:use-module (gnu services pam-mount)
  #:use-module (gnu system)
  #:use-module (gnu system file-systems)
  #:use-module (gnu system mapped-devices)
  #:use-module (gnu system linux-initrd)
  #:use-module (srfi srfi-1)
  #:use-module (ice-9 match)

  #:export (feature-bootloader
            feature-host-info
@@ -74,19 +78,45 @@ keyboard-layout will be overriden by feature-keyboard if it present."
          (mapped-devices '())
          (swap-devices '())
          (file-systems '())
          (base-file-systems %base-file-systems))
          (base-file-systems %base-file-systems)
          (user-pam-file-systems '()))
  "Provides file systems for operating-system.  By default
%base-file-systems will be added to the end of FILE-SYSTEMS, this
behavior can be overriden with BASE-FILE-SYSTEM argument."
behavior can be overriden with BASE-FILE-SYSTEM argument.

USER-PAM-FILE-SYSTEMS are mounted with PAM-mount, when the user logs in rather
than at boot, and are unmounted when the user logs out."
  (ensure-pred list-of-mapped-devices? mapped-devices)
  (ensure-pred list-of-swap-devices? swap-devices)
  (ensure-pred list-of-file-systems? file-systems)
  (ensure-pred list-of-file-systems? base-file-systems)
  (ensure-pred list-of-file-systems? user-pam-file-systems)

  (define (get-system-services config)
    (if user-pam-file-systems
        (let ((file-system->pam-mount-volume
               (lambda (fs)
                 (match (file-system->spec fs)
                   ((file-name mount-point type flags options rest ...)
                    ;; mount-may-fail? check? skip-check-if-clean? repair
                    (pam-mount-volume
                     (user-name (get-value 'user-name config))
                     (file-system-type type)
                     (file-name file-name)
                     (mount-point mount-point)
                     (options options)))))))
          (list
           (simple-service
            'pam-user-volumes
            pam-mount-volume-service-type
            (map file-system->pam-mount-volume user-pam-file-systems))))
        '()))

  (let ((file-systems (append file-systems base-file-systems)))
    (feature
     (name 'file-systems)
     (values (make-feature-values mapped-devices swap-devices file-systems)))))
     (values (make-feature-values mapped-devices swap-devices file-systems))
     (system-services-getter get-system-services))))


(define* (feature-kernel
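Review bot: In `get-system-services`, the test `(if user-pam-file-systems ...)` is always true, because the default `'()` is a true value in Scheme and `ensure-pred` already guarantees a list. The `'()` else branch is therefore dead and the `pam-user-volumes` service is added even when no PAM file-systems are declared; `(if (pair? user-pam-file-systems) ...)` would keep pam-mount out of configurations that do not ask for it. The `match` pattern also binds `flags` and never uses it, so a file-system declared with flags such as `no-suid` or `no-dev` would presumably be mounted at login without them. Either fold the flags into the `options` string, or state in the docstring that only the device, mount point, type and options are carried over. Whether an empty extension of `pam-mount-volume-service-type` changes the PAM stack is not visible from this hunk and is worth confirming.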
-- 
2.47.1