On 12/30/23 04:45, Ben Weinstein-Raun wrote:
> Does anyone know why this would happen, or how to fix it? I'm using the
> elogind service on top of %base-services.
>

I was hoping that someone else more knowledgeable might have a better solution, but since nobody has replied I'll share the less-than-ideal solution I've been using. I use a system without elogind, so I'm not sure if there would be a conflict with this setup and that service. Also, this solution does not properly destroy the directory when a user fully logs out, only when the system is rebooted.

Basically, I just use some code to mount tmpfs onto the directories by adding extra values to the file-systems declaration of my operating-system declaration. The main disadvantage not already mentioned is that UIDs and GIDs have to be explicitly defined for each non-system user. Maybe the logic for the GIDs could be removed because the group has no permissions on the directory anyway, but I haven't thought it through.

There are some helper functions:

(let* ((get-gid-by-name
        ;; Return the numeric GID of the group called NAME in GROUPS.
        (lambda (name groups)
          (let ((matches (filter (lambda (group)
                                   (string=? (guix.user-group-name group) name))
                                 groups)))
            (if (>= (length matches) 1)
                (guix.user-group-id (car matches))
                (error (string-append
                        "The group " name " must have an explicitly defined GID!"
                        " Add a (gid <number>) form to the group definition."))))))
       (get-user-gid
        ;; Return USER's primary GID as a string, resolving a group name via GROUPS.
        (lambda (user groups)
          (unless (guix.user-account-group user)
            (error (string-append
                    "The user " (guix.user-account-name user)
                    " must have an explicitly defined group! Add"
                    " (group <name|number>) to the user definition.")))
          (let ((gid (if (number? (guix.user-account-group user))
                         (guix.user-account-group user)
                         (get-gid-by-name (guix.user-account-group user) groups))))
            (number->string gid))))
       (get-user-uid
        ;; Return USER's UID as a string.
        (lambda (user)
          (unless (guix.user-account-uid user)
            (error (string-append
                    "The user " (guix.user-account-name user)
                    " must have an explicitly defined UID! Add (uid <number>) to"
                    " the user definition.")))
          (number->string (guix.user-account-uid user)))))

Which can then be used to create the filesystems:

(map (lambda (user)
       (let ((uid (get-user-uid user))
             (gid (get-user-gid user groups)))
         (guix.file-system
           ; I don't know if this is normally a tmpfs, but the XDG basedir standard
           ; says that it MUST not survive a reboot, so being tmpfs shouldn't cause any
           ; problems. This is technically not compliant because it also says that the
           ; contents MUST be removed if the user fully logs out (implicitly, even if
           ; the system remains powered on) and I'm not doing that. It looks like guix
           ; has a predefined greetd configuration to handle this correctly.
           (device "tmpfs")
           (mount-point (string-append "/run/user/" uid))
           (type "tmpfs")
           (check? #f)
           (options (format #f "mode=0700,uid=~a,gid=~a" uid gid))
           (create-mount-point? #t))))
     (filter (negate guix.user-account-system?) users)))))

Regards,
Skyler
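
Added example, not part of the original message: a shell check that each /run/user/<uid> directory produced by mounts like the ones above is a real directory, owned by that UID, with mode 0700 and on tmpfs. The function names check_runtime_dir and check_all_runtime_dirs are hypothetical, and GNU coreutils stat is assumed.

```shell
#!/bin/sh
# Added example; assumes GNU coreutils `stat` (-c and -f -c options).

# check_runtime_dir DIR UID [FSTYPE]
# Return codes: 0 ok, 2 not a real directory, 3 wrong owner,
#               4 mode is not 700, 5 wrong filesystem type.
check_runtime_dir() {
    dir=$1
    want_uid=$2
    want_fs=${3:-}

    # A symlink here could redirect sockets and tokens elsewhere; reject it.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "$dir: not a real directory" >&2
        return 2
    fi

    owner=$(stat -c %u "$dir") || return 2
    mode=$(stat -c %a "$dir") || return 2

    if [ "$owner" != "$want_uid" ]; then
        echo "$dir: owned by uid $owner, expected $want_uid" >&2
        return 3
    fi
    if [ "$mode" != "700" ]; then
        echo "$dir: mode $mode, expected 700" >&2
        return 4
    fi
    if [ -n "$want_fs" ]; then
        fs=$(stat -f -c %T "$dir") || return 5
        if [ "$fs" != "$want_fs" ]; then
            echo "$dir: on $fs, expected $want_fs" >&2
            return 5
        fi
    fi
    return 0
}

# Check every numeric entry under BASE (default /run/user) against its own name.
check_all_runtime_dirs() {
    base=${1:-/run/user}
    failed=0
    for d in "$base"/[0-9]*; do
        [ -e "$d" ] || [ -L "$d" ] || continue
        check_runtime_dir "$d" "$(basename "$d")" tmpfs || failed=1
    done
    return "$failed"
}
```

Running check_all_runtime_dirs as root after a reboot reports any mount whose uid= or mode= option did not take effect.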