BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

nixos/openrazer: Add a users option

Browse source
This commit is contained in:
Romanos Skiadas 2021-07-22 16:04:57 +03:00
parent 42c6771744
commit 465c9269dd
3 changed files with 18 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
View file

@ -656,8 +656,11 @@
no longer need be granted the entire set of no longer need be granted the entire set of
<literal>plugdev</literal> group permissions, which can <literal>plugdev</literal> group permissions, which can
include permissions other than those required by include permissions other than those required by
<literal>openrazer</literal>. This can be desirable from a <literal>openrazer</literal>. This is desirable from a
security point of view. security point of view. The setting
<link xlink:href="options.html#opt-services.hardware.openrazer.users"><literal>harware.openrazer.users</literal></link>
can be used to add users to the <literal>openrazer</literal>
group.
</para> </para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>

2
nixos/doc/manual/release-notes/rl-2111.section.md
View file

@ -164,7 +164,7 @@ pt-services.clipcat.enable).
- `programs.neovim.runtime` switched to a `linkFarm` internally, making it impossible to use wildcards in the `source` argument. - `programs.neovim.runtime` switched to a `linkFarm` internally, making it impossible to use wildcards in the `source` argument.
- The `openrazer` and `openrazer-daemon` packages as well as the `hardware.openrazer` module now require users to be members of the `openrazer` group instead of `plugdev`. With this change, users no longer need be granted the entire set of `plugdev` group permissions, which can include permissions other than those required by `openrazer`. This can be desirable from a security point of view. - The `openrazer` and `openrazer-daemon` packages as well as the `hardware.openrazer` module now require users to be members of the `openrazer` group instead of `plugdev`. With this change, users no longer need be granted the entire set of `plugdev` group permissions, which can include permissions other than those required by `openrazer`. This is desirable from a security point of view. The setting [`harware.openrazer.users`](options.html#opt-services.hardware.openrazer.users) can be used to add users to the `openrazer` group.
## Other Notable Changes {#sec-release-21.11-notable-changes} ## Other Notable Changes {#sec-release-21.11-notable-changes}

15
nixos/modules/hardware/openrazer.nix
View file

@ -51,8 +51,6 @@ in
hardware.openrazer = { hardware.openrazer = {
enable = mkEnableOption '' enable = mkEnableOption ''
OpenRazer drivers and userspace daemon. OpenRazer drivers and userspace daemon.
Any users that wish to make use of the daemon need to be
members of the "openrazer" group.
''; '';
verboseLogging = mkOption { verboseLogging = mkOption {
@ -96,6 +94,15 @@ in
generate a heatmap. generate a heatmap.
''; '';
}; };
users = mkOption {
type = with types; listOf str;
default = [];
description = ''
Usernames to be added to the "openrazer" group, so that they
can start and interact with the OpenRazer userspace daemon.
'';
};
}; };
}; };
@ -113,7 +120,9 @@ in
# A user must be a member of the openrazer group in order to start # A user must be a member of the openrazer group in order to start
# the openrazer-daemon. Therefore we make sure that the group # the openrazer-daemon. Therefore we make sure that the group
# exists. # exists.
users.groups.openrazer = {}; users.groups.openrazer = {
members = cfg.users;
};
systemd.user.services.openrazer-daemon = { systemd.user.services.openrazer-daemon = {
description = "Daemon to manage razer devices in userspace"; description = "Daemon to manage razer devices in userspace";