Fixes <http://bugs.gnu.org/20646>.
Reported by David Thompson <davet@gnu.org>.
* gnu/system/shadow.scm (assert-valid-users/groups): New procedure
* gnu/system.scm (operating-system-activation-script): Use it.
* tests/guix-system.sh (make_user_config): New function.
Add 3 tests using it.
* po/guix/POTFILES.in: Add gnu/system/shadow.scm.
* gnu/services/base.scm (kvm-udev-rule): New procedure.
(udev-service): Use it, and add it to RULES.
(guix-build-accounts): Add "kvm" to the 'supplementary-groups' field.
* gnu/system/shadow.scm (%base-groups): Add "kvm".
Suggested by Mark H. Weaver.
* gnu/system/shadow.scm (<user-group>)[system?]: New field.
(%base-groups): Introduce 'system-group' macro, and use it.
* gnu/system.scm (user-group->gexp): Pass the 'system?' field.
* guix/build/activation.scm (add-group): Add #:system? and honor it.
(activate-users+groups): Handle the 'system?' field.
* gnu/system/file-systems.scm (%tty-gid): Choose an ID below 1000.
* doc/guix.texi (User Accounts): Document the 'system?' field.
* gnu/system/shadow.scm (<user-account>)[system?]: New field.
* gnu/system.scm (user-account->gexp): Add it.
* guix/build/activation.scm (add-user): Add #:system? parameter and
honor it.
(activate-users+groups): Handle the 'system?' part of user tuples.
Pass it to 'add-user'. Don't create PROFILE-DIR when SYSTEM? is
true.
* gnu/services/dbus.scm (dbus-service): Add 'system?' field for
"messagebus" account.
* gnu/services/base.scm (guix-build-accounts): Likewise.
* gnu/services/avahi.scm (avahi-service): Likewise.
* gnu/services.scm (<service>)[inputs]: Remove.
* gnu/system.scm (links): Remove.
(etc-directory): Add PASSWD and SHADOW to #:inputs.
(operating-system-boot-script): Pass ETC to 'dmd-configuration-file'.
(operating-system-derivation): Remove EXTRAS from the union.
* gnu/system/linux.scm (pam-service->configuration): Rewrite in terms of
'gexp->derivation'. Compute the contents on the build side. Expect
'arguments' to contain a list of gexps.
(pam-services->directory): Rewrite in terms of 'gexp->derivation'.
(unix-pam-service): Change 'arguments' to a list of one gexp.
* gnu/system/shadow.scm (<user-account>)[inputs]: Remove.
[shell]: Change default value to a gexp.
(passwd-file): Rewrite in terms of 'gexp->derivation'. Compute
contents on the build side.
* gnu/services/base.scm (host-name-service, mingetty-service,
nscd-service, syslog-service, guix-service): Change 'start' and 'stop'
to gexps; remove 'inputs' field.
(guix-build-accounts): Change 'shell' field to a gexp.
* gnu/services/networking.scm (static-networking-service): Change
'start' and 'stop' to gexps; remove 'inputs' field.
* gnu/services/xorg.scm (slim-service): Likewise.
* gnu/services/dmd.scm (dmd-configuration-file): Expect ETC to be a
derivation. Change 'config' to a gexp. Use 'gexp->file' instead of
'text-file'.
* doc/guix.texi (Defining Services): Update nscd example with gexps, and
without 'inputs'. Add xref to "G-Expressions".
* gnu/packages/version-control.scm, gnu/packages/vim.scm,
gnu/system.scm, gnu/system/dmd.scm, gnu/system/shadow.scm,
gnu/system/vm.scm: Change references to (gnu packages system) to (gnu
packages admin).
This is a followup to commit 4aeea89.
* gnu/system/shadow.scm (<user-account>)[inputs]: New field.
(passwd-file): Bind the 'shell' field of each account.
* gnu/system/vm.scm (%demo-operating-system): Remove 'shell' field.
* gnu/system/dmd.scm (guix-build-accounts): Store a monadic value in
'shell'. Add 'inputs' field.
* gnu/system.scm (operating-system-derivation): Remove 'shell' field for
'root' account. Add all the 'user-account-inputs' to EXTRAS.
* gnu/system/shadow.scm (guix-build-accounts): Move to...
* gnu/system/dmd.scm (guix-build-accounts): ... here.
(<service>)[user-accounts, user-groups]: New fields.
(guix-service): New #:build-user-id and #:build-accounts parameters.
Use 'guix-build-accounts' and set the 'user-accounts' and
'user-groups' fields accordingly.
* gnu/system/vm.scm (system-qemu-image): Remove use of
'guix-build-accounts'. Augment ACCOUNTS and GROUPS from what SERVICES
demand.
* gnu/system/shadow.scm (guix-build-accounts): New procedure.
* gnu/system/vm.scm (system-qemu-image): Use it. Add the "guixbuild"
group.
* gnu/system/dmd.scm (guix-service): Add 'builder-group' parameter.
Pass 'guix-daemon' the '--build-users-group' option.