However it might be interesting to set this up in Guix as it seems to be used in other linux distribution and looks like a relatively good security feature. I'm not versed in security but we would at least need to create this group and modify the pam services. Should I open an issue for that? [...] > > What do you think about these changes? I felt that a list of > directories should be expressed as a list and not a colon-separated > string. I realize that this clashes with the lightdm configuration > file, which speaks of “directory” even though it accepts a > colon-separated list of directories. Everything is looking fine! And the directories as lists is indeed way better. > If that’s fine I’ll fold them into your patch that adds the service. > > I built a VM and noticed that all icons are missing. Should the service > arrange for a certain fallback icon theme to be installed? If you only added (service-type lightdm-service-type) without any greeter, it's expected. LightDM without autologin needs a greeter. So in this case you just get a "fallback" session to avoid unnecesseraly breaking the user's system. I choose not to bring lightdm-gtk-greeter's assets to give the user a little push toward adding a greeter service. It's very arguable so if you think we should bring in assets too, let's do it. I can prepare a patch if you want. The documentation might also be lacking here. So adding a little comment in the lightdm-service description might also be enough. What do you think? > I also haven’t actually been able to log in as root with an empty > password, which is what the VM generates by default. Can this be > supported with lightdm? Didn't succeed either but it should be possible... :/ Looking on the web, on passwordless login, the lightdm-autologin pam is often cited so this line: (pam-entry (control "required") (module "pam_succeed_if.so") (arguments (list "uid >= 1000"))) might be related. But I'm really not knowledgeable enough on this matter to give a proper answer. > -- > Ricardo Have a nice day, L p R n d n