From c7c9c47d724c710b698d3301637001c056a2c0e3 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 24 Nov 2015 10:18:26 -0400 Subject: Added User.hasDesktopGroups property. Based on a property in spwhitton's config, but rewritten. --- src/Propellor/Property/User.hs | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs index 78e606ac..f3842892 100644 --- a/src/Propellor/Property/User.hs +++ b/src/Propellor/Property/User.hs @@ -107,6 +107,29 @@ hasGroup (User user) (Group group') = check test $ cmdProperty "adduser" where test = not . elem group' . words <$> readProcess "groups" [user] +-- | Gives a user access to the secondary groups, including audio and +-- video, that the OS installer normally gives a desktop user access to. +hasDesktopGroups :: User -> Property NoInfo +hasDesktopGroups user@(User u) = combineProperties desc $ + map (hasGroup user . Group) desktopgroups + where + desc = "user " ++ u ++ " is in standard desktop groups" + -- This list comes from user-setup's debconf + -- template named "passwd/user-default-groups" + desktopgroups = + [ "audio" + , "cdrom" + , "dip" + , "floppy" + , "video" + , "plugdev" + , "netdev" + , "scanner" + , "bluetooth" + , "debian-tor" + , "lpadmin" + ] + -- | Controls whether shadow passwords are enabled or not. shadowConfig :: Bool -> Property NoInfo shadowConfig True = check (not <$> shadowExists) $ -- cgit v1.2.3