From 37ee40759f1e6feda51fb36dd3c951b4f3045944 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 25 May 2016 00:31:49 +0200 Subject: xmonad-tv: convert to writeHaskellBin --- tv/2configs/xserver/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tv/2configs/xserver/default.nix') diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index 4b936f473..08b69067c 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -116,12 +116,12 @@ let settle ${pkgs.xorg.xhost}/bin/xhost +LOCAL: settle ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} settle ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' - exec ${pkgs.xmonad-tv}/bin/xmonad + exec ${pkgs.xmonad-tv}/bin/xmonad-tv ''; xmonad-stop = pkgs.writeScriptBin "xmonad-stop" '' #! /bin/sh - exec ${pkgs.xmonad-tv}/bin/xmonad --shutdown + exec ${pkgs.xmonad-tv}/bin/xmonad-tv --shutdown ''; xserver-environment = { -- cgit v1.2.3 From 9172da3aa08672ad178128663afa4331059475ad Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 25 May 2016 01:26:25 +0200 Subject: xmonad-tv: don't use PATH --- tv/2configs/xserver/default.nix | 5 ----- 1 file changed, 5 deletions(-) (limited to 'tv/2configs/xserver/default.nix') diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index 08b69067c..51e243284 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -99,11 +99,6 @@ let xmonad-start = pkgs.writeScriptBin "xmonad" '' #! ${pkgs.bash}/bin/bash set -efu - export PATH; PATH=${makeSearchPath "bin" [ - # TODO put paths into a Haskell module instead of PATH - pkgs.alsaUtils - pkgs.rxvt_unicode - ]}:/var/setuid-wrappers settle() {( # Use PATH for a clean journal command=''${1##*/} -- cgit v1.2.3 From 73a63312255821f2b3b0315232cdd5b8ea1b994d Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 25 May 2016 01:37:52 +0200 Subject: xmonad-tv: startupHook = $XMONAD_STARTUP_HOOK & --- tv/2configs/xserver/default.nix | 35 ++++++++++------------------------- 1 file changed, 10 insertions(+), 25 deletions(-) (limited to 'tv/2configs/xserver/default.nix') diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index 51e243284..efc06be14 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -56,8 +56,8 @@ let requires = [ "xserver.service" ]; environment = xmonad-environment; serviceConfig = { - ExecStart = "${xmonad-start}/bin/xmonad"; - ExecStop = "${xmonad-stop}/bin/xmonad-stop"; + ExecStart = "${pkgs.xmonad-tv}/bin/xmonad-tv"; + ExecStop = "${pkgs.xmonad-tv}/bin/xmonad-tv --shutdown"; User = user.name; WorkingDirectory = user.home; }; @@ -80,6 +80,14 @@ let xmonad-environment = { DISPLAY = ":${toString config.services.xserver.display}"; + + XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" '' + ${pkgs.xorg.xhost}/bin/xhost +LOCAL: & + ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} & + ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' & + wait + ''; + XMONAD_STATE = "/tmp/xmonad.state"; # XXX JSON is close enough :) @@ -96,29 +104,6 @@ let ]); }; - xmonad-start = pkgs.writeScriptBin "xmonad" '' - #! ${pkgs.bash}/bin/bash - set -efu - settle() {( - # Use PATH for a clean journal - command=''${1##*/} - PATH=''${1%/*}; export PATH - shift - until "$command" "$@"; do - ${pkgs.coreutils}/bin/sleep 1 - done - )&} - settle ${pkgs.xorg.xhost}/bin/xhost +LOCAL: - settle ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} - settle ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' - exec ${pkgs.xmonad-tv}/bin/xmonad-tv - ''; - - xmonad-stop = pkgs.writeScriptBin "xmonad-stop" '' - #! /bin/sh - exec ${pkgs.xmonad-tv}/bin/xmonad-tv --shutdown - ''; - xserver-environment = { XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. -- cgit v1.2.3 From f48cd0f2a3b9970fee3f4100c9656e6b6b4fd6d8 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 25 May 2016 01:50:06 +0200 Subject: tv xserver: drop wrapper --- tv/2configs/xserver/default.nix | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) (limited to 'tv/2configs/xserver/default.nix') diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index efc06be14..802542020 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -73,7 +73,15 @@ let environment = xserver-environment; serviceConfig = { ExecReload = need-reload "xserver.service"; - ExecStart = "${xserver}/bin/xserver"; + ExecStart = toString [ + "${pkgs.xorg.xorgserver}/bin/X" + ":${toString config.services.xserver.display}" + "vt${toString config.services.xserver.tty}" + "-config ${import ./xserver.conf.nix args}" + "-logfile /var/log/X.${toString config.services.xserver.display}.log" + "-nolisten tcp" + "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb" + ]; }; }; }; @@ -112,18 +120,6 @@ let ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); }; - xserver = pkgs.writeScriptBin "xserver" '' - #! /bin/sh - set -efu - exec ${pkgs.xorg.xorgserver}/bin/X \ - :${toString config.services.xserver.display} \ - vt${toString config.services.xserver.tty} \ - -config ${import ./xserver.conf.nix args} \ - -logfile /var/log/X.${toString config.services.xserver.display}.log \ - -nolisten tcp \ - -xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb \ - ''; - need-reload = s: let pkg = pkgs.writeScriptBin "need-reload" '' #! /bin/sh -- cgit v1.2.3 From 5903c47cffee90824256994470e92d2956185e8c Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 25 May 2016 02:36:24 +0200 Subject: tv xmodmap: init --- tv/2configs/xserver/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'tv/2configs/xserver/default.nix') diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index 802542020..e85c07fad 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -91,6 +91,7 @@ let XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" '' ${pkgs.xorg.xhost}/bin/xhost +LOCAL: & + ${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} & ${pkgs.xorg.xrdb}/bin/xrdb -merge ${import ./Xresources.nix args} & ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' & wait -- cgit v1.2.3 From 82a8e7eca896c94e35de22a734d538f25e028faf Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 25 May 2016 02:41:55 +0200 Subject: tv xserver: compress need-reload --- tv/2configs/xserver/default.nix | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'tv/2configs/xserver/default.nix') diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index e85c07fad..a6a820507 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -121,11 +121,9 @@ let ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); }; - need-reload = s: let - pkg = pkgs.writeScriptBin "need-reload" '' - #! /bin/sh - echo "$*" - ''; - in "${pkg}/bin/need-reload ${s}"; + need-reload = s: toString [ + "${pkgs.writeDashBin "need-reload" ''echo "$*"''}/bin/need-reload" + (shell.escape s) + ]; in out -- cgit v1.2.3 From 36c5834c288b56b6955e35d95708ae7f65f199f9 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 25 May 2016 03:03:21 +0200 Subject: tv slock: user krebs.setuid --- tv/2configs/xserver/default.nix | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'tv/2configs/xserver/default.nix') diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index a6a820507..b5b116786 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -37,15 +37,21 @@ let pkgs.ff pkgs.gitAndTools.qgit pkgs.mpv - pkgs.slock pkgs.sxiv pkgs.xsel pkgs.zathura ]; - security.setuidPrograms = [ - "slock" - ]; + # TODO dedicated group, i.e. with a single user + # TODO krebs.setuid.slock.path vs /var/setuid-wrappers + krebs.setuid.slock = { + filename = "${pkgs.slock}/bin/slock"; + group = "wheel"; + envp = { + DISPLAY = ":${toString config.services.xserver.display}"; + USER = user.name; + }; + }; systemd.services.display-manager.enable = false; -- cgit v1.2.3