[PATCH] Add a jami-daemon service.

+++ b/gnu/local.mk

+# Copyright © 2018, 2020, 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>

+ %D%/tests/telephony.scm \

+ %D%/packages/patches/zziplib-CVE-2018-16548.patch \

+ %D%/tests/data/jami-dummy-account.dat

+++ b/gnu/services/telephony.scm

+;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>

+ #:use-module ((gnu services) #:hide (delete))

+ #:use-module (gnu services configuration)

+ #:use-module (gnu packages glib)

+ #:use-module (gnu packages jami)

+ #:use-module (guix modules)

+ #:use-module (guix packages)

+ #:export (jami-daemon-configuration

+ jami-daemon-configuration-jami-daemon

+ jami-daemon-configuration-dbus

+ jami-daemon-configuration-enable-logging?

+ jami-daemon-configuration-debug?

+ jami-daemon-configuration-auto-answer?

+ jami-daemon-configuration-account-archives

+

+ jami-daemon-service-type

+

+ murmur-configuration

+

+

+;;;

+;;; Jami daemon.

+;;;

+

+;;; XXX: These dummy definitions is because there's no way to disable the

+;;; serialization code from define-configuration.

+(define (serialize-boolean option value) "")

+(define (serialize-string-list field-name val) "")

+

+;;; Copied from (gnu services messaging).

+(define (string-list? val)

+ (and (list? val)

+ (and-map (lambda (x)

+ (or (computed-file? x) ;XXX: for tests

+ (and (string? x) (not (string-index x #\,)))))

+ val)))

+(define-maybe string-list)

+

+(define-configuration jami-daemon-configuration

+ (jami-daemon

+ (package libring)

+ "The Jami daemon package to use.")

+ (dbus

+ (package dbus)

+ "The D-Bus package to use to start the required D-Bus session.")

+ (enable-logging?

+ (boolean #true)

+ "Whether to enable logging to syslog.")

+ (debug?

+ (boolean #false)

+ "Whether to enable debug level messages.")

+ (auto-answer?

+ (boolean #false)

+ "Whether to force automatic answer to incoming calls.")

+ (account-archives

+ (maybe-string-list 'disabled)

+ "A list of Jami account archive (backup) file names to be (re-)provisioned

+every time the Jami daemon service starts. These Jami account backups should

+@emp{not} be encrypted and their file should be made readable only to the

+@samp{jami} user (i.e., not in the store), to guard against leaking the secret

+key material of the Jami accounts they contain. When providing this field,

+the account directories under @file{/var/lib/jami/} are recreated every time

+the service starts, ensuring a consistent state."))

+

+(define %jami-daemon-accounts

+ (list (user-group (name "jami") (system? #t))

+ (user-account

+ (name "jami")

+ (group "jami")

+ (system? #t)

+ (comment "Jami daemon user")

+ (home-directory "/var/lib/jami"))))

+

+(define (jami-daemon-configuration->command-line-arguments config)

+ "Derive the command line arguments to used to launch the Jami daemon from

+CONFIG, a <jami-daemon-configuration> object."

+ (match-record config <jami-daemon-configuration>

+ (jami-daemon dbus enable-logging? debug? auto-answer?)

+ `(,(file-append jami-daemon "/lib/ring/dring")

+ "--persistent" ;stay alive after client quits

+ ,@(if enable-logging?

+ '() ;logs go to syslog by default

+ (list "--console")) ;else stdout/stderr

+ ,@(if debug?

+ (list "--debug")

+ '())

+ ,@(if auto-answer?

+ (list "--auto-answer")

+ '()))))

+

+(define (jami-dbus-session-activation config)

+ "Create a directory to hold the Jami D-Bus session socket."

+ (with-imported-modules (source-module-closure '((gnu build activation)))

+ #~(begin

+ (use-modules (gnu build activation))

+ (let ((user (getpwnam "jami")))

+ (mkdir-p/perms "/var/run/jami" user #o700)))))

+

+;; Local definitions to expand in source form in G-exps.

+(define define-with-retries

+ '(define-syntax-rule (with-retries n delay body ...)

+ "Retry the code in BODY up to N times until it returns #t,

+else #f. A delay of DELAY seconds is inserted before each retry."

+ (let loop ((attempts 0))

+ (if (< attempts n)

+ (or (begin

+ body ...) ;return #t on success

+ (begin

+ (sleep delay) ;else wait and retry

+ (loop (+ 1 attempts))))

+ #f)))) ;maximum number of attempts reached

+

+(define define-send-dbus

+ '(define (send-dbus dbus-send interface method . arguments)

+ "Print the response and return #t on success, else #f."

+ (let* ((command `(,dbus-send

+ "--bus=unix:path=/var/run/jami/bus"

+ "--print-reply"

+ "--dest=cx.ring.Ring"

+ "/cx/ring/Ring/ConfigurationManager" ;object path

+ ,(string-append interface "." method)

+ ,@arguments))

+ (pid (fork+exec-command command

+ #:user "jami"

+ #:group "jami")))

+ (zero? (cdr (waitpid pid))))))

+

+(define (jami-daemon-shepherd-services config)

+ "Return a <shepherd-service> running the Jami daemon."

+ (let* ((jami-daemon (jami-daemon-configuration-jami-daemon config))

+ (dbus (jami-daemon-configuration-dbus config))

+ (dbus-daemon (file-append dbus "/bin/dbus-daemon"))

+ (dbus-send (file-append dbus "/bin/dbus-send"))

+ (accounts (jami-daemon-configuration-account-archives config))

+ (declarative-mode? (not (eq? 'disabled accounts))))

+

+ (list (shepherd-service

+ (documentation "Run a D-Bus session for the Jami daemon.")

+ (provision '(jami-daemon-dbus-session))

+ ;; The requirement on dbus-system is to ensure other required

+ ;; activation for D-Bus, such as a /etc/machine-id file.

+ (requirement '(dbus-system syslogd))

+ (start

+ #~(lambda args

+ #$define-with-retries

+

+ (define pid (fork+exec-command

+ (list #$dbus-daemon "--session"

+ "--address=unix:path=/var/run/jami/bus"

+ "--nofork" "--syslog-only" "--nopidfile")

+ #:user "jami"

+ #:group "jami"

+ #:environment-variables

+ ;; This is so that the cx.ring.Ring service D-Bus

+ ;; definition is found by dbus-send.

+ (list (string-append "XDG_DATA_DIRS="

+ #$jami-daemon "/share"))))

+

+ ;; XXX: This manual synchronization probably wouldn't be

+ ;; needed if we were using a PID file, but providing it via a

+ ;; customized config file with the <pidfile> would not

+ ;; override the one inherited from the base config of D-Bus.

+ (let ((sock (socket PF_UNIX SOCK_STREAM 0)))

+ (with-retries 20 1 (catch 'system-error

+ (lambda ()

+ (connect sock AF_UNIX

+ "/var/run/jami/bus")

+ (close-port sock)

+ #t)

+ (lambda args

+ #f))))

+

+ pid))

+ (stop #~(make-kill-destructor)))

+

+ (shepherd-service

+ (documentation "Run the Jami daemon.")

+ (provision '(jami-daemon dring))

+ (requirement '(jami-daemon-dbus-session))

+ (modules `((ice-9 ftw)

+ (srfi srfi-1)

+ (srfi srfi-26)

+ ,@%default-modules))

+ (start

+ #~(lambda args

+ #$define-with-retries

+ #$define-send-dbus

+

+ (when #$declarative-mode?

+ ;; Clear the Jami configuration and accounts, to enforce the

+ ;; declared state.

+ (catch #t

+ (lambda ()

+ (delete-file-recursively "/var/lib/jami/.cache/jami")

+ (delete-file-recursively "/var/lib/jami/.config/jami")

+ (delete-file-recursively "/var/lib/jami/.local/share/jami")

+ (delete-file-recursively "/var/lib/jami/accounts"))

+ (lambda args

+ #t))

+ ;; Copy the Jami accounts from somewhere readable by root to

+ ;; a place only the jami user can read.

+ (let* ((accounts-dir "/var/lib/jami/accounts/")

+ (pwd (getpwnam "jami"))

+ (user (passwd:uid pwd))

+ (group (passwd:gid pwd)))

+ (mkdir-p accounts-dir)

+ (chown accounts-dir user group)

+ (for-each (lambda (f)

+ (let ((dest (string-append accounts-dir

+ (basename f))))

+ (copy-file f dest)

+ (chown dest user group)))

+ '#$accounts)))

+

+ ;; Start the daemon.

+ (define daemon-pid

+ (fork+exec-command

+ '#$(jami-daemon-configuration->command-line-arguments config)

+ #:user "jami"

+ #:group "jami"

+ #:environment-variables

+ (list (string-append "DBUS_SESSION_BUS_ADDRESS="

+ "unix:path=/var/run/jami/bus"))))

+

+ ;; Wait until it's reachable via D-Bus.

+ (with-retries 20 1 (send-dbus #$dbus-send

+ "org.freedesktop.DBus.Peer"

+ "Ping"))

+

+ ;; Provision the accounts.

+ (when #$declarative-mode?

+ (or (every identity

+ (map (lambda (archive)

+ (send-dbus

+ #$dbus-send

+ "cx.ring.Ring.ConfigurationManager"

+ "addAccount"

+ (string-append

+ "dict:string:string:Account.archivePath,"

+ archive

+ ",Account.type,RING")))

+ (map (cut string-append

+ "/var/lib/jami/accounts/" <>)

+ (scandir "/var/lib/jami/accounts/"

+ (lambda (f)

+ (not (member f '("." ".."))))))))

+ (format (current-error-port)

+ "error: failed provisioning the jami accounts")))

+

+ ;; Finally, return the PID of the dring process.

+ daemon-pid))

+ (stop

+ #~(lambda (pid . args)

+ (kill pid SIGTERM)

+ ;; Wait for the process to exit; this prevents overlapping

+ ;; processes when issuing 'herd restart'.

+ (waitpid pid)

+ #f))))))

+

+(define jami-daemon-service-type

+ (service-type

+ (name 'jami-daemon)

+ (default-value (jami-daemon-configuration))

+ (extensions

+ (list (service-extension shepherd-root-service-type

+ jami-daemon-shepherd-services)

+ (service-extension account-service-type

+ (const %jami-daemon-accounts))

+ (service-extension activation-service-type

+ jami-dbus-session-activation)))

+ (description "Run the Jami daemon (@command{dring}). This service is

+geared toward the use case of hosting Jami rendezvous points over a headless

+server. If you use Jami on your local machine, you may prefer to setup a user

+Shepherd service for it instead; this way, the daemon will be shared via your

+normal user D-Bus session bus.")))

+

+

+;;;

+;;; Murmur.

+;;;

+

+++ b/gnu/tests/data/jami-dummy-account.dat

+;;; JSON extracted from an actual Jami account and processed with

+;;; Emacs/guile-json.

+(define %jami-account-content-sexp

+ '(("RINGCAKEY" . "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRd0lCQURBTkJna3F\

+oa2lHOXcwQkFRRUZBQVNDQ1Mwd2dna3BBZ0VBQW9JQ0FRQzBxWUozSkYvTzhQRGEKRnUwRnpRcHBCaD\

+gybGJMdURrNTlVU0I0MUJSaS9kdDZGV1BRN29YOVpsY25vNGZzM2dmUHQ0dU1hRVBkVFBGKwowbGN2Q\

+jc2cytQTEFlcjlOZGpVQzQ2ZXp0UnNiNE9aQXc4ZUk1M3EwSU04QWJFd0o0ZjllLzBmQUFueHgrK3Qw\

+CmZDeGV1YTBUaVBqVHBpZVJMNmpwQkd5UGI2Qk5pU2ViTkZCNzJOMTBnbzI4REVQYlhkNE9CNkN1blZ\

+5RGZKSU0KOC9PRy8rMndNamI4WkRwT3JrYy93U2ZHbnQyZXA3U0xKSkgwOFIzV1FKWklsSndrcGdLTH\

+FRakVwWFNpclN4dAozSkdtdXdBdE9LaXFFTXh1R043elV3ZlNINEtHdkRaUFNkZklZVXJ3eEp4aDJZZ\

+3lobG5RRC9SSnhRN3d4YlJBCjFhMUZVV0FzbDhLODk5cEtESk1GL09VOWZMRUx6QlViblpaRDRmSlg1\

+NmcyTlluUnJobS94NG9FbFk0MFNYMUUKcHYzb01hNnZrVGN5RjJnUFhKL2FkUVJoS0dFaGRjaHBpeDl\

+5UVphaDFCUFBGYW5jNzBMcjhOaDZJeHFNQ1hiMQozMG9vWHpWZmZNMVFOd28rL3hzRnBlRkRqUTAxQ0\

+9pdWZocitKREcyc0txb0o0V0JwYVhubWI1YXVrVWUvV1RKCjAxVmRyaEkvSVExd3V4QzNMMnpac3dVU\

+1NTaDk0aXg1M0hpU3pWbkI5UkxmaVhZUUVCcFEyNHVoRTdiYlo0bm0KZTczZC9zenpPTXMzYUt3OWtW\

+a2VLMTVtYWhSVWZjdEdhSVQxTkhGWUNYYXByaWExakdNdVpmSk1pSUtZUzNidQpMbUhZckF6dEptNDZ\

+0aHpjdnN3NHlhMnFoa2xUUlFJREFRQUJBb0lDQVFDaHZaUm85KzZ5aFhFTHZ6U3FXZHcxCkZGOERibG\

+hIMmhVWkNuV0kxMDM5SmdyRkxMczFSU1krSzg1aFZYMk9hV1VTNk44TmNCYzUyL1hrdFltS09HUFQKM\

+WZqMnE2M3pPcDNSSFdGNWVPMXhNeExRN3JZSDhqMGZZTFFTUytKemdwb3ZRVnJLSXkrb21JSSt3aUN6\

+R1laRApGQUM0ODJzL0J5MHdtRjVjdC9JTEdIeVY3ZXNVUlo1Vi9iL0ltQzUwQ1lDUWpQR2xBb3JkeUx\

+1MHp2NjZZUXc2CkQycTg0VHAyVUg3SExEVmhFNytUbDg4Q04xWll0VGtpSkthbkNpMFVmbStPKzJFM0\

+5HM01hajk1aDl2NktqYkoKUlkxeTNDRTVmQmkyUFNLbVVzRjN3SzdhbzJDRks5MTgybmlxL2FaNm5WO\

+Xc3NmVrRjhEOWUvS1pqUE5ZT0xkaApFczBSL2laV3RpbUx2RHdXQWNWNFNnSFFjNXJvNU9yOEFUS1ZK\

+VmlzZGFuWXkvdUhmVXZWN3U5cDVLK2E4SHU2CllabW13ZTh4bnF5M3V2M0VabE9LY20zTnZvWllVMnJ\

+HUUFQQW1sWWQ4WlRsZGxPa1JCSGxxYzllMmJuSnNTQW8KNUhhS0N3aDJsWmZpalVGNXFrMXNQcm1kN3\

+BlMld2VVV3QmVuSjJnS1ZoTE5VVGtHWmtTWGhzNlV3WWRRMjVtRQppQzl6WjhXNkQ2OXBvb0lsTTVXT\

+01ySEs0Rng1ck9vT05kUHQ4NEk1bTI3cnpnbXM4QnJXVUlGLytZZjJ0bGdmClBIR0V4c3ZCK3JRQk52\

+WHU3dXoxcVdFTlJTL2YwR2E3dVF4ZW5sZ2dubHc5M1pNOW1GWXpXb1RpdWFmdnphTnAKWEsrTEVrV2F\

+RYUs1Q0VaNEhmUlhBUUtDQVFFQTUyK240OUxQODlyQkR2bFdsTkxNanJqTDdSb0xyQ3FVZGpQWQpyT1\

+hZS3ZkTkxyS2NTc1hNdkY4YW5HQng1UG5oVDZGY05ic2dzQ3BUUXowMThZYmcrbUUxQno5ZTdFNTJGZ\

+i9NCk9BbWZqSllXUnZueUtiNnB3SGlvOHlXUXlVVk1zZU1CcmpvWk1kNkpPZEZ0K2JITHBWOS9iSkdR\

+a3NTRE04WTkKbWxGQUlUL0gyNTh1K1ZKTWsrT0prU28zZmJQSk5Ja1Q2WVBKVmNaSnZTRGI5QU83WDF\

+lendCOXVRL0FEblZ6YwpSQkJOUVZaTStZS2ZNWFJBdmFuWnlmWFFwaUxCQW8rRVRPSHJCR1dDRUhtSF\

+RCaEZIMTkyamtxNlcrTStvS0R1Cm1xMitMc2hZWTVFc2NpL2hPOVZjK2FCM0hhaGliME03M092MHFNc\

+WZoTncyU1BncHdRS0NBUUVBeDlaR1gxQnQKL3MwdGtNcGV1QWhlWjFqTklnZmFEY0RRTWlmU0k4QjRx\

+WUhiL1hOREQ5NjFQME9zMDdCN2wzNE1iZ3U2QlNwcwpXdSt0Y1hjSFlqQVJUc0Qzd0pSaVRIb0RSQzR\

+YYkxEa2pHRUVCVzRKbFVqZTA1QWZrU0QrdkZSMkJwZStxQlBLCm5yb3Mwd1BWL3RXa3MzY2VFOUlBTV\

+pWWDhQeFA3RVNXbitVZDJEWkZhcVFLb0JybHZXRXhxelpYUEJSVjhoS3QKcFBqWnFkZXFQLzhUZTBtS\

+zh5MEVreXVXOWhFdGZ2Sm5HWXhMNStrSG9xd2hQVk1tODZ5YlZNVHRQYWJTdCtPUwp0WHhJTE9RMWRN\

+QkFabzRxSnNkUUZJcTJnSHA5WFYwa2ZNUms1ajdJT1Q4c2Z6TlpKVkRNK1k5VHVlSGJXSnduCnZsWld\

+VZ2NVZTlBaWhRS0NBUUVBbFJaK2h1ckUvNGdLR2dWUld5bTRrTEJHM2dTTFJHdGhuQXVtSnlzaFoveE\

+wKZ2l1Wk55bll5L2hRQWpDMjdoUnlxb04rRFRid3hjdGVPOUJ3c1poNzBZOVJROHYwOERGVExMVE43O\

+E56UG5OcApBbXY5TGhzZTYxaFBMZU1qTkNVcVZPV3hyWFRMeWk1YkpCM2Z4SnhlWGJmNU5BMUpudUpz\

+eXF1SC82TWJ0cytKCmhkY3p3WFRjMCtBZVBKOS9nOENQZXdKYkMzRFVBQ2R1VlNHWHo4ZWZxcm1xbDd\

+jbnB5ZzBpK2pJRkNpVU8rVEcKVFcxeDg3KzUvUFF2MGtSQ0Z1UUloZ2ZCNkcwWW9vcHBrUWRZdXhKZl\

+pPaHdUUldpbTVMMlF5K294WWZySGVQOQozSlltbGFCMmJiN3kxL1FoQjcvek9VMk1nTEtYdHl4Z09ve\

+EpoQlFwZ1FLQ0FRQkIwSUE4dy9CMkNuMEhRcDhQClhUSTZOelRZRUYzd1NhQkg1SFdBOE5MTWdNaERJ\

+TUxsWnlPcVFrK1pLSGFMM2llWjFxTGRNS3VmQjNESC9idWcKeXRQb2J

+++ b/doc/guix.texi

+@cindex telephony, services

+The @code{(gnu services telephony)} module contains Guix service

+definitions for telephony services. Currently it provides the following

+services:

+

+@subsubheading Jami (daemon)

+

+@cindex jami-daemon, service

+

+This section describes how to configure a Jami server that can be used

+to host video (or audio) conferences. Here's an example that

+demonstrates how to specify account archives (Jami backups) to be

+provisioned automatically:

+

+@lisp

+(service jami-daemon-service-type

+ (jami-daemon-configuration

+ (account-archives

+ '("/etc/jami/unencrypted-account-1.gz"

+ "/etc/jami/unencrypted-account-2.gz"))))

+@end lisp

+

+Jami accounts and their corresponding backup archives can be generated

+using either the @code{jami-qt} or @code{jami-gnome} Jami clients. The

+accounts should not be password-protected, but it is wise to ensure

+their files are only readable by @samp{root}. The complete set of

+available configuration options are detailed below.

+

+Available @code{jami-daemon-configuration} fields are:

+

+@deftypevr {@code{jami-daemon-configuration} parameter} package jami-daemon

+The Jami daemon package to use.

+

+@end deftypevr

+

+@deftypevr {@code{jami-daemon-configuration} parameter} package dbus

+The D-Bus package to use to start the required D-Bus session.

+

+@end deftypevr

+

+@deftypevr {@code{jami-daemon-configuration} parameter} boolean enable-logging?

+Whether to enable logging to syslog.

+

+Defaults to @samp{#t}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-daemon-configuration} parameter} boolean debug?

+Whether to enable debug level messages.

+

+Defaults to @samp{#f}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-daemon-configuration} parameter} boolean auto-answer?

+Whether to force automatic answer to incoming calls.

+

+Defaults to @samp{#f}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-daemon-configuration} parameter} maybe-string-list account-archives

+A list of Jami account archive (backup) file names to be

+(re-)provisioned every time the Jami daemon service starts. These Jami

+account backups should @emph{not} be encrypted and should be made

+readable only to the @samp{root} user (i.e., not in the store), to guard

+against leaking the secret key material of the Jami accounts they

+contain. When providing this field, the account directories under

+@file{/var/lib/jami/} are recreated every time the service starts,

+ensuring a consistent state.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@subsubheading Murmur (VoIP server)

+

+++ b/gnu/local.mk

+ %D%/tests/telephony.scm \

+ %D%/packages/patches/zziplib-CVE-2018-16548.patch \

+ %D%/tests/data/jami-dummy-account.dat

+++ b/gnu/services/telephony.scm

+;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>

+ #:use-module ((gnu services) #:hide (delete))

+ #:use-module (gnu services configuration)

+ #:use-module (gnu packages glib)

+ #:use-module (gnu packages jami)

+ #:use-module (guix modules)

+ #:use-module (guix packages)

+ #:export (jami-daemon-configuration

+ jami-daemon-configuration-jami-daemon

+ jami-daemon-configuration-dbus

+ jami-daemon-configuration-enable-logging?

+ jami-daemon-configuration-debug?

+ jami-daemon-configuration-auto-answer?

+ jami-daemon-configuration-account-archives

+

+ jami-daemon-service-type

+

+ murmur-configuration

+

+

+;;;

+;;; Jami daemon.

+;;;

+

+;;; Copied from (gnu services messaging).

+(define (string-list? val)

+ (and (list? val)

+ (and-map (lambda (x)

+ (or (computed-file? x) ;XXX: for tests

+ (and (string? x) (not (string-index x #\,)))))

+ val)))

+

+(define-maybe/no-serialization string-list)

+

+(define-configuration/no-serialization jami-daemon-configuration

+ (jami-daemon

+ (package libring)

+ "The Jami daemon package to use.")

+ (dbus

+ (package dbus)

+ "The D-Bus package to use to start the required D-Bus session.")

+ (enable-logging?

+ (boolean #t)

+ "Whether to enable logging to syslog.")

+ (debug?

+ (boolean #f)

+ "Whether to enable debug level messages.")

+ (auto-answer?

+ (boolean #f)

+ "Whether to force automatic answer to incoming calls.")

+ (account-archives

+ (maybe-string-list 'disabled)

+ "A list of Jami account archive (backup) file names to be (re-)provisioned

+every time the Jami daemon service starts. These Jami account backups should

+@emph{not} be encrypted and should be made readable only to the @samp{jami}

+user (i.e., not in the store), to guard against leaking the secret key

+material of the Jami accounts they contain. When providing this field, the

+account directories under @file{/var/lib/jami/} are recreated every time the

+service starts, ensuring a consistent state."))

+

+(define %jami-daemon-accounts

+ (list (user-group (name "jami") (system? #t))

+ (user-account

+ (name "jami")

+ (group "jami")

+ (system? #t)

+ (comment "Jami daemon user")

+ (home-directory "/var/lib/jami"))))

+

+(define (jami-daemon-configuration->command-line-arguments config)

+ "Derive the command line arguments to used to launch the Jami daemon from

+CONFIG, a <jami-daemon-configuration> object."

+ (match-record config <jami-daemon-configuration>

+ (jami-daemon dbus enable-logging? debug? auto-answer?)

+ `(,(file-append jami-daemon "/lib/ring/dring")

+ "--persistent" ;stay alive after client quits

+ ,@(if enable-logging?

+ '() ;logs go to syslog by default

+ (list "--console")) ;else stdout/stderr

+ ,@(if debug?

+ (list "--debug")

+ '())

+ ,@(if auto-answer?

+ (list "--auto-answer")

+ '()))))

+

+(define (jami-dbus-session-activation config)

+ "Create a directory to hold the Jami D-Bus session socket."

+ (with-imported-modules (source-module-closure '((gnu build activation)))

+ #~(begin

+ (use-modules (gnu build activation))

+ (let ((user (getpwnam "jami")))

+ (mkdir-p/perms "/var/run/jami" user #o700)))))

+

+;; Local definitions to expand in source form in G-exps.

+(define define-with-retries

+ '(define-syntax-rule (with-retries n delay body ...)

+ "Retry the code in BODY up to N times until it returns #t,

+else #f. A delay of DELAY seconds is inserted before each retry."

+ (let loop ((attempts 0))

+ (if (< attempts n)

+ (or (catch #t

+ (lambda ()

+ body ...)

+ (lambda args

+ #f))

+ (begin

+ (sleep delay) ;else wait and retry

+ (loop (+ 1 attempts))))

+ (error "maximum number of retry attempts reached")))))

+

+(define define-send-dbus

+ '(define (send-dbus dbus-send service path interface method . arguments)

+ "Return the response of dbus-send, else #f."

+ (let* ((command `(,dbus-send

+ "--bus=unix:path=/var/run/jami/bus"

+ "--print-reply"

+ ,(string-append "--dest=" service) ;e.g., cx.ring.Ring

+ ,path ;e.g., /cx/ring/Ring/ConfigurationManager

+ ,(string-append interface "." method)

+ ,@arguments))

+ (temporary-log-file "/var/run/jami/.temporary-dbus-output.log")

+ (clear-temp-file (lambda () (false-if-exception

+ (delete-file temporary-log-file)))))

+ (catch #t

+ (lambda ()

+ (dynamic-wind

+ clear-temp-file

+ (lambda ()

+ (let ((pid (fork+exec-command command

+ #:user "jami" #:group "jami"

+ #:log-file temporary-log-file)))

+ (match (waitpid pid)

+ ((_ . status)

+ (let ((exit-status (status:exit-val status)))

+ (unless (= 0 exit-status)

+ (error "the send-dbus command exited with"

+ exit-status))

+ #t))))

+ (call-with-input-file temporary-log-file get-string-all))

+ clear-temp-file))

+ (lambda args

+ (format (current-error-port) "command ~s failed with ~a~%"

+ command args)

+ #f)))))

+

+(define (jami-daemon-shepherd-services config)

+ "Return a <shepherd-service> running the Jami daemon."

+ (let* ((jami-daemon (jami-daemon-configuration-jami-daemon config))

+ (dbus (jami-daemon-configuration-dbus config))

+ (dbus-daemon (file-append dbus "/bin/dbus-daemon"))

+ (dbus-send (file-append dbus "/bin/dbus-send"))

+ (accounts (jami-daemon-configuration-account-archives config))

+ (declarative-mode? (not (eq? 'disabled accounts))))

+

+ (with-imported-modules (source-module-closure

+ '((gnu build shepherd)

+ (gnu system file-systems)))

+ (list (shepherd-service

+ (documentation "Run a D-Bus session for the Jami daemon.")

+ (provision '(jami-daemon-dbus-session))

+ (modules `((gnu build shepherd)

+ (gnu system file-systems)

+ ,@%default-modules))

+ ;; The requirement on dbus-system is to ensure other required

+ ;; activation for D-Bus, such as a /etc/machine-id file.

+ (requirement '(dbus-system syslogd))

+ (start

+ #~(lambda args

+ #$define-with-retries

+

+ (define pid

+ ((make-forkexec-constructor/container

+ (list #$dbus-daemon "--session"

+ "--address=unix:path=/var/run/jami/bus"

+ "--nofork" "--syslog-only" "--nopidfile")

+ #:mappings (list (file-system-mapping

+ (source "/dev/log") ;for syslog

+ (target source))

+ (file-system-mapping

+ (source "/var/run/jami")

+ (target source)

+ (writable? #t)))

+ #:user "jami"

+ #:group "jami"

+ #:environment-variables

+ ;; This is so that the cx.ring.Ring service D-Bus

+ ;; definition is found by dbus-send.

+ (list (string-append "XDG_DATA_DIRS="

+ #$jami-daemon "/share")))))

+

+ ;; XXX: This manual synchronization probably wouldn't be

+ ;; needed if we were using a PID file, but providing it via a

+ ;; customized config file with <pidfile> would not override

+ ;; the one inherited from the base config of D-Bus.

+ (let ((sock (socket PF_UNIX SOCK_STREAM 0)))

+ (with-retries 20 1 (catch 'system-error

+ (lambda ()

+ (connect sock AF_UNIX

+ "/var/run/jami/bus")

+ (close-port sock)

+ #t)

+ (lambda args

+ #f))))

+

+ pid))

+ (stop #~(make-kill-destructor)))

+

+ (shepherd-service

+ (documentation "Run the Jami daemon.")

+ (provision '(jami-daemon dring))

+ (requirement '(jami-daemon-dbus-session))

+ (modules `((ice-9 ftw)

+ (ice-9 match)

+ (rnrs io ports)

+ (srfi srfi-1)

+ (srfi srfi-26)

+ (gnu build shepherd)

+ (gnu system file-systems)

+ ,@%default-modules))

+ (start

+ #~(lambda args

+ #$define-with-retries

+ #$define-send-dbus

+

+ (define (delete-file-recursively/safe file)

+ ;; Ensure we're not deleting things outside of

+ ;; /var/lib/jami. This prevents a possible attack in case

+ ;; the daemon is compromised and an attacker gains write

+ ;; access to /var/lib/jami.

+ (let ((parent-directory (dirname file)))

+ (if (eq? 'symlink (stat:type (stat parent-directory)))

+ (error "abnormality detected; unexpected symlink found at"

+ parent-directory)

+ (delete-file-recursively file))))

+

+ (when #$declarative-mode?

+ ;; Clear the Jami configuration and accounts, to enforce the

+ ;; declared state.

+ (catch #t

+ (lambda ()

+ (for-each (cut delete-file-recursively/safe <>)

+ '("/var/lib/jami/.cache/jami"

+ "/var/lib/jami/.config/jami"

+ "/var/lib/jami/.local/share/jami"

+ "/var/lib/jami/accounts")))

+ (lambda args

+ #t))

+ ;; Copy the Jami accounts from somewhere readable by root to

+ ;; a place only the jami user can read.

+ (let* ((accounts-dir "/var/lib/jami/accounts/")

+ (pwd (getpwnam "jami"))

+ (user (passwd:uid pwd))

+ (group (passwd:gid pwd)))

+ (mkdir-p accounts-dir)

+ (chown accounts-dir user group)

+ (for-each (lambda (f)

+ (let ((dest (string-append accounts-dir

+ (basename f))))

+ (copy-file f dest)

+ (chown dest user group)))

+ '#$accounts)))

+

+ ;; Start the daemon.

+ (define daemon-pid

+ ((make-forkexec-constructor/container

+ '#$(jami-daemon-configuration->command-line-arguments config)

+ #:mappings (list (file-system-mapping

+ (source "/dev/log") ;for syslog

+ (target source))

+ (file-system-mapping

+ (source "/var/lib/jami")

+ (target source)

+ (writable? #t))

+ (file-system-mapping

+ (source "/var/run/jami")

+ (target source)

+ (writable? #t)))

+ #:user "jami"

+ #:group "jami"

+ #:environment-variables

+ (list (string-append "DBUS_SESSION_BUS_ADDRESS="

+ "unix:path=/var/run/jami/bus")))))

+

+ ;; Wait until the service name has been acquired by D-Bus

+ ;; (this does *not* trigger automatic D-Bus service

+ ;; activation, which is what we want).

+ (with-retries 20 1

+ (let ((output (send-dbus #$dbus-send "org.freedesktop.DBus"

+ "/org/freedesktop/DBus"

+ "org.freedesktop.DBus"

+ "ListNames")))

+ (string-contains output "cx.ring.Ring")))

+

+ ;; Provision the accounts, by means of D-Bus commands sent to

+ ;; the daemon.

+ (when #$declarative-mode?

+ (or (every

+ identity

+ (map (lambda (archive)

+ (send-dbus

+ #$dbus-send

+ "cx.ring.Ring"

+ "/cx/ring/Ring/Configurat

+++ b/.dir-locals.el

+ (eval . (put 'with-shepherd-action 'scheme-indent-function 3))

+

+++ b/gnu/build/shepherd.scm

+ ;; XXX: Lazy-bind the Shepherd to avoid a compile-time dependency.

+ #:autoload (shepherd service) (fork+exec-command

+ read-pid-file

+ exec-command

+ %precious-signals)

+ #:autoload (shepherd system) (unblock-signals)

+++ b/Makefile.am

+ tests/services/telephony.scm \

+++ b/doc/guix.texi

+@cindex telephony, services

+The @code{(gnu services telephony)} module contains Guix service

+definitions for telephony services. Currently it provides the following

+services:

+

+@subsubheading Jami

+

+@cindex jami, service

+

+This section describes how to configure a Jami server that can be used

+to host video (or audio) conferences, among other uses. The following

+example demonstrates how to specify Jami account archives (backups) to

+be provisioned automatically:

+

+@lisp

+(service jami-service-type

+ (jami-configuration

+ (accounts

+ (list (jami-account

+ (archive "/etc/jami/unencrypted-account-1.gz"))

+ (jami-account

+ (archive "/etc/jami/unencrypted-account-2.gz"))))))

+@end lisp

+

+When the accounts field is specified, the Jami account files of the

+service found under @file{/var/lib/jami} are recreated every time the

+service starts.

+

+Jami accounts and their corresponding backup archives can be generated

+using either the @code{jami-qt} or @code{jami-gnome} Jami clients. The

+accounts should not be password-protected, but it is wise to ensure

+their files are only readable by @samp{root}.

+

+The next example shows how to declare that only some contacts should be

+allowed to communicate with a given account:

+

+@lisp

+(service jami-service-type

+ (jami-configuration

+ (accounts

+ (list (jami-account

+ (archive "/etc/jami/unencrypted-account-1.gz")

+ (peer-discovery? #t)

+ (rendezvous-point? #t)

+ (allowed-contacts

+ '("1dbcb0f5f37324228235564b79f2b9737e9a008f"

+ "2dbcb0f5f37324228235564b79f2b9737e9a008f")))))))

+@end lisp

+

+In this mode, only the declared @code{allowed-contacts} can initiate

+communication with the Jami account. This can be used, for example,

+with rendezvous point accounts to create a private video conferencing

+space.

+

+To put the system administrator in full control of the conferences

+hosted on their system, the Jami service supports the following actions:

+

+@example sh

+herd doc jami list-actions jami

+(list-accounts

+ list-account-details

+ list-banned-contacts

+ list-contacts

+ list-moderators

+ add-moderator

+ ban-contact

+ enable-account

+ disable-account)

+@end example

+

+The above actions aim to provide the most valuable actions for

+moderation purposes, not to cover the whole Jami API. Users wanting to

+interact with the Jami daemon from Guile may be interested in

+experimenting with the @code{(gnu build jami-service)} module, which

+powers the above Shepherd actions.

+

+@c TODO: This should be auto-generated from the doc already defined on

+@c the shepherd-actions themselves in (gnu services telephony).

+The @code{add-moderator} and @code{ban-contact} actions accept a contact

+@emph{fingerprint} (40 characters long hash) as first argument and an

+account fingerprint or username as second argument:

+

+@example sh

+# herd add-moderator jami 1dbcb0f5f37324228235564b79f2b9737e9a008f \

+ f3345f2775ddfe07a4b0d95daea111d15fbc1199

+

+# herd list-moderators jami

+Moderators for account f3345f2775ddfe07a4b0d95daea111d15fbc1199:

+ - 1dbcb0f5f37324228235564b79f2b9737e9a008f

+

+@end example

+

+In the case of @code{ban-contact}, the second username argument is

+optional; when omitted, the account is banned from all Jami accounts:

+

+@example sh

+# herd ban-contact jami 1dbcb0f5f37324228235564b79f2b9737e9a008f

+

+# herd list-banned-contacts jami

+Banned contacts for account f3345f2775ddfe07a4b0d95daea111d15fbc1199:

+ - 1dbcb0f5f37324228235564b79f2b9737e9a008f

+

+@end example

+

+Banned contacts are also stripped from their moderation privileges.

+

+The @code{disable-account} action allows to completely disconnect an

+account from the network, making it unreachable, while

+@code{enable-account} does the inverse. They accept a single account

+username or fingerprint as first argument:

+

+@example sh

+# herd disable-account jami f3345f2775ddfe07a4b0d95daea111d15fbc1199

+

+# herd list-accounts jami

+The following Jami accounts are available:

+ - f3345f2775ddfe07a4b0d95daea111d15fbc1199 (dummy) [disabled]

+

+@end example

+

+The @code{list-account-details} action prints the detailed parameters of

+each accounts in the Recutils format, which means the @command{recsel}

+command can be used to select accounts of interest (@pxref{Selection

+Expressions,,,recutils, GNU recutils manual}). Note that period

+characters (@samp{.}) found in the account parameter keys are mapped to

+underscores (@samp{_}) in the output, to meet the requirements of the

+Recutils format. The following example shows how to print the account

+fingerprints for all accounts operating in the rendezvous point mode:

+

+@example sh

+# herd list-account-details jami | \

+ recsel -p Account.username -e 'Account.rendezVous ~ "true"'

+Account_username: f3345f2775ddfe07a4b0d95daea111d15fbc1199

+@end example

+

+The remaining actions should be self-explanatory.

+

+The complete set of available configuration options is detailed below.

+

+@c TODO: Ideally, the following fragments would be auto-generated at

+@c build time, so that they needn't be manually duplicated.

+@c Auto-generated via (configuration->documentation 'jami-configuration)

+Available @code{jami-configuration} fields are:

+

+@deftypevr {@code{jami-configuration} parameter} package jamid

+The Jami daemon package to use.

+

+@end deftypevr

+

+@deftypevr {@code{jami-configuration} parameter} package dbus

+The D-Bus package to use to start the required D-Bus session.

+

+@end deftypevr

+

+@deftypevr {@code{jami-configuration} parameter} package nss-certs

+The nss-certs package to use to provide TLS certificates.

+

+@end deftypevr

+

+@deftypevr {@code{jami-configuration} parameter} boolean enable-logging?

+Whether to enable logging to syslog.

+

+Defaults to @samp{#t}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-configuration} parameter} boolean debug?

+Whether to enable debug level messages.

+

+Defaults to @samp{#f}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-configuration} parameter} boolean auto-answer?

+Whether to force automatic answer to incoming calls.

+

+Defaults to @samp{#f}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-configuration} parameter} maybe-jami-account-list accounts

+A list of Jami accounts to be (re-)provisioned every time the Jami

+daemon service starts. When providing this field, the account

+directories under @file{/var/lib/jami/} are recreated every time the

+service starts, ensuring a consistent state.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@c Auto-generated via (configuration->documentation 'jami-account)

+Available @code{jami-account} fields are:

+

+@deftypevr {@code{jami-account} parameter} string-or-computed-file archive

+The account archive (backup) file name of the account. This is used to

+provision the account when the service starts. The account archive

+should @emph{not} be encrypted. It is highly recommended to make it

+readable only to the @samp{root} user (i.e., not in the store), to guard

+against leaking the secret key material of the Jami account it contains.

+

+@end deftypevr

+

+@deftypevr {@code{jami-account} parameter} maybe-account-fingerprint-list allowed-contacts

+The list of allowed contacts for the account, entered as their 40

+characters long fingerprint. Messages or calls from accounts not in

+that list will be rejected. When unspecified, the configuration of the

+account archive is used as-is with respect to contacts and public

+inbound calls/messaging allowance, which typically defaults to allow any

+contact to communicate with the account.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-account} parameter} maybe-account-fingerprint-list moderators

+The list of contacts that should have moderation privileges (to ban,

+mute, etc. other users) in rendezvous conferences, entered as their 40

+characters long fingerprint. When unspecified, the configuration of the

+account archive is used as-is with respect to moderation, which

+typically defaults to allow anyone to moderate.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-account} parameter} maybe-boolean rendezvous-point?

+Whether the account should operate in the rendezvous mode. In this

+mode, all the incoming audio/video calls are mixed into a conference.

+When left unspecified, the value from the account archive prevails.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-account} parameter} maybe-boolean peer-discovery?

+Whether peer discovery should be enabled. Peer discovery is used to

+discover other OpenDHT nodes on the local network, which can be useful

+to maintain communication between devices on such network even when the

+connection to the the Internet has been lost. When left unspecified,

+the value from the account archive prevails.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-account} parameter} maybe-string-list bootstrap-hostnames

+A list of hostnames or IPs pointing to OpenDHT nodes, that should be

+used to initially join the OpenDHT network. When left unspecified, the

+value from the account archive prevails.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@deftypevr {@code{jami-account} parameter} maybe-string name-server-uri

+The URI of the name server to use, that can be used to retrieve the

+account fingerprint for a registered username.

+

+Defaults to @samp{disabled}.

+

+@end deftypevr

+

+@subsubheading Murmur (VoIP server)

+

+++ b/gnu/build/jami-service.scm

+;;; GNU Guix --- Functional package management for GNU

+;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>

+;;;

+;;; This file is part of GNU Guix.

+;;;

+;;; GNU Guix is free software; you can redistribute it and/or modify it

+;;; under the terms of the GNU General Public License as published by

+;;; the Free Software Foundation; either version 3 of the License, or (at

+;;; your option) any later version.

+;;;

+;;; GNU Guix is distributed in the hope that it will be useful, but

+;;; WITHOUT ANY WARRANTY; without even the implied warranty of

+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

+;;; GNU General Public License for more details.

+;;;

+;;; You should have received a copy of the GNU General Public License

+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.

+

+;;; Commentary:

+;;;

+;;; This module contains helpers used as part of the jami-service-type

+;;; definition.

+;;;

+;;; Code:

+

+(define-module (gnu build jami-service)

+ #:use-module (ice-9 format)

+ #:use-module (ice-9 match)

+ #:use-module (ice-9 peg)

+ #:use-module (ice-9 rdelim)

+ #:use-module (ice-9 regex)

+ #:use-module (rnrs io ports)

+ #:autoload (shepherd service) (fork+exec-command)

+ #:use-module (srfi srfi-1)

+ #:use-module (srfi srfi-26)

+ #:export (account-fingerprint?

+ account-details->recutil

+ get-accounts

+ get-usernames

+ set-account-details

+ add-account

+ account->username

+ username->account

+ username->contacts

+ enable-account

+ disable-account

+

+ add-contact

+ remove-contact

+

+ set-all-moderators

+ set-moderator

+ username->all-moderators?

+ username->moderators

+

+ dbus-available-services

+ dbus-service-available?

+

+ %send-dbus-binary

+ %send-dbus-bus

+ %send-dbus-user

+ %send-dbus-group

+ %send-dbus-debug

+ send-dbus

+

+ with-retries))

+

+;;;

+;;; Utilities.

+;;;

+

+(define-syntax-rule (with-retries n delay body ...)

+ "Retry the code in BODY up to N times until it doesn't raise an exception

+nor return #f, else raise an error. A delay of DELAY seconds is inserted

+before each retry."

+ (let loop ((attempts 0))

+ (catch #t

+ (lambda ()

+ (let ((result (begin body ...)))

+ (if (not result)

+ (error "failed attempt" attempts)

+ result)))

+ (lambda args

+ (if (< attempts n)

+ (begin

+ (sleep delay) ;else wait and retry

+ (loop (+ 1 attempts)))

+ (error "maximum number of retry attempts reached"

+ body ... args))))))

+

+(define (alist->list alist)

+ "Flatten ALIST into a list."

+ (append-map (match-lambda

+ (() '())

+ ((key . value)

+ (list key value)))

+ alist))

+

+(define account-fingerprint-rx (make-regexp "[0-9A-f]{40}"))

+

+(define (account-fingerprint? val)

+ "A Jami account fingerprint is 40 characters long and only contains

+hexadecimal characters."

+ (and (string? val)

+ (regexp-exec account-fingerprint-rx val)))

+

+

+;;;

+;;; D-Bus reply parser.

+;;;

+

+(define (parse-dbus-reply reply)

+ "Return the parse tree of REPLY, a string returned by the 'dbus-send'

+command."

+ ;; Refer to 'man 1 dbus-send' for the grammar reference. Note that the

+ ;; format of the replies doesn't match the format of the input, which is the

+ ;; one documented, but it gives an idea. For an even better reference, see

+ ;; the `print_iter' procedure of the 'dbus-print-message.c' file from the

+ ;; 'dbus' package sources.

+ (define-peg-string-patterns

+ "contents <- header (item / container (item / container*)?)

+ item <-- WS type WS value NL

+ container <- array / dict / variant

+ array <-- array-start (item / container)* array-end

+ dict <-- array-start dict-entry* array-end

+ dict-entry <-- dict-entry-start item item dict-entry-end

+ variant <-- variant-start item

+ type <-- 'string' / 'int16' / 'uint16' / 'int32' / 'uint32' / 'int64' /

+ 'uint64' / 'double' / 'byte' / 'boolean' / 'objpath'

+ value <-- (!NL .)* NL

+ header < (!NL .)* NL

+ variant-start < WS 'variant'

+ array-start < WS 'array [' NL

+ array-end < WS ']' NL

+ dict-entry-start < WS 'dict entry(' NL

+ dict-entry-end < WS ')' NL

+ DQ < '\"'

+ WS < ' '*

+ NL < '\n'*")

+

+ (peg:tree (match-pattern contents reply)))

+

+(define (strip-quotes text)

+ "Strip the leading and trailing double quotes (\") characters from TEXT."

+ (let* ((text* (if (string-prefix? "\"" text)

+ (string-drop text 1)

+ text))

+ (text** (if (string-suffix? "\"" text*)

+ (string-drop-right text* 1)

+ text*)))

+ text**))

+

+(define (deserialize-item item)

+ "Return the value described by the ITEM parse tree as a Guile object."

+ ;; Strings are printed wrapped in double quotes (see the print_iter

+ ;; procedure in dbus-print-message.c).

+ (match item

+ (('item ('type "string") ('value value))

+ (strip-quotes value))

+ (('item ('type "boolean") ('value value))

+ (if (string=? "true" value)

+ #t

+ #f))

+ (('item _ ('value value))

+ value)))

+

+(define (serialize-boolean bool)

+ "Return the serialized format expected by dbus-send for BOOL."

+ (format #f "boolean:~:[false~;true~]" bool))

+

+(define (dict->alist dict-parse-tree)

+ "Translate a dict parse tree to an alist."

+ (define (tuples->alist tuples)

+ (map (lambda (x) (apply cons x)) tuples))

+

+ (match dict-parse-tree

+ ('dict

+ '())

+ (('dict ('dict-entry keys values) ...)

+ (let ((keys* (map deserialize-item keys))

+ (values* (map deserialize-item values)))

+ (tuples->alist (zip keys* values*))))))

+

+(define (array->list array-parse-tree)

+ "Translate an array parse tree to a list."

+ (match array-parse-tree

+ ('array

+ '())

+ (('array items ...)

+ (map deserialize-item items))))

+

+

+;;;

+;;; Low-level, D-Bus-related procedures.

+;;;

+

+;;; The following parameters are used in the jami-service-type service

+;;; definition to conveniently customize the behavior of the send-dbus helper,

+;;; even when called indirectly.

+(define %send-dbus-binary (make-parameter "dbus-send"))

+(define %send-dbus-bus (make-parameter #f))

+(define %send-dbus-user (make-parameter #f))

+(define %send-dbus-group (make-parameter #f))

+(define %send-dbus-debug (make-parameter #f))

+

+(define* (send-dbus #:key service path interface method

+ bus

+ dbus-send

+ user group

+ timeout

+ arguments)

+ "Return the response of DBUS-SEND, else raise an error. Unless explicitly

+provided, DBUS-SEND takes the value of the %SEND-DBUS-BINARY parameter. BUS

+can be used to specify the bus address, such as 'unix:path=/var/run/jami/bus'.

+Alternatively, the %SEND-DBUS-BUS parameter can be used. ARGUMENTS can be

+used to pass input values to a D-Bus method call. TIMEOUT is the amount of

+time to wait for a reply in milliseconds before giving up with an error. USER

+and GROUP allow choosing under which user/group the DBUS-SEND command is

+executed. Alternatively, the %SEND-DBUS-USER and %SEND-DBUS-GROUP parameters

+can be used instead."

+ (let* ((command `(,@(if dbus-send

+ (list dbus-send)

+ (list (%send-dbus-binary)))

+ ,@(if (or bus (%send-dbus-