54020c36a2
This adds a NixOS module for XScreenSaver (from @aidalgol in #130218, with a few updates). The module: * Installs XScreenSaver * Sets up a suid wrapper for xscreensaver-auth * Sets up a user service for xscreensaver The suid wrapper should function correctly when xscreensaver is installed via the derivation update in 40a00547b71. Co-authored-by: Aidan Gauland <aidalgol@fastmail.net> Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
40 lines
1.2 KiB
Nix
40 lines
1.2 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
cfg = config.services.xscreensaver;
|
|
in
|
|
{
|
|
options.services.xscreensaver = {
|
|
enable = lib.mkEnableOption "xscreensaver user service";
|
|
|
|
package = lib.mkOption {
|
|
type = lib.types.package;
|
|
default = pkgs.xscreensaver;
|
|
defaultText = lib.literalExpression "pkgs.xscreensaver";
|
|
description = "Which xscreensaver package to use.";
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
# Make xscreensaver-auth setuid root so that it can (try to) prevent the OOM
|
|
# killer from unlocking the screen.
|
|
security.wrappers.xscreensaver-auth = {
|
|
setuid = true;
|
|
owner = "root";
|
|
group = "root";
|
|
source = "${pkgs.xscreensaver}/libexec/xscreensaver/xscreensaver-auth";
|
|
};
|
|
|
|
systemd.user.services.xscreensaver = {
|
|
enable = true;
|
|
description = "XScreenSaver";
|
|
after = [ "graphical-session-pre.target" ];
|
|
partOf = [ "graphical-session.target" ];
|
|
wantedBy = [ "graphical-session.target" ];
|
|
path = [ cfg.package ];
|
|
serviceConfig.ExecStart = "${cfg.package}/bin/xscreensaver -no-splash";
|
|
};
|
|
};
|
|
|
|
meta.maintainers = with lib.maintainers; [ vancluever AndersonTorres ];
|
|
}
|