nixos/mirakurun: add polkit rule for smart card access (#122066)

Fixes #122039

authored by

midchildan and committed by
GitHub
65670311 92a2e684

+22 -1
+22 -1
nixos/modules/services/video/mirakurun.nix
··· 8 8 username = config.users.users.mirakurun.name; 9 9 groupname = config.users.users.mirakurun.group; 10 10 settingsFmt = pkgs.formats.yaml {}; 11 + 12 + polkitRule = pkgs.writeTextDir "share/polkit-1/rules.d/10-mirakurun.rules" '' 13 + polkit.addRule(function (action, subject) { 14 + if ( 15 + (action.id == "org.debian.pcsc-lite.access_pcsc" || 16 + action.id == "org.debian.pcsc-lite.access_card") && 17 + subject.user == "${username}" 18 + ) { 19 + return polkit.Result.YES; 20 + } 21 + }); 22 + ''; 11 23 in 12 24 { 13 25 options = { ··· 45 57 description = '' 46 58 Path to unix socket to listen on. If <literal>null</literal>, it 47 59 won't listen on any unix sockets. 60 + ''; 61 + }; 62 + 63 + allowSmartCardAccess = mkOption { 64 + type = types.bool; 65 + default = true; 66 + description = '' 67 + Install polkit rules to allow Mirakurun to access smart card readers 68 + which is commonly used along with tuner devices. 48 69 ''; 49 70 }; 50 71 ··· 110 131 }; 111 132 112 133 config = mkIf cfg.enable { 113 - environment.systemPackages = [ mirakurun ]; 134 + environment.systemPackages = [ mirakurun ] ++ optional cfg.allowSmartCardAccess polkitRule; 114 135 environment.etc = { 115 136 "mirakurun/server.yml".source = settingsFmt.generate "server.yml" cfg.serverSettings; 116 137 "mirakurun/tuners.yml" = mkIf (cfg.tunerSettings != null) {