movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-13 05:05:29 +03:00
Code Issues Projects Releases Packages Wiki Activity

* We still need /etc/pam.d/other to keep usermod happy.

Browse source 
svn path=/nixos/trunk/; revision=16731
This commit is contained in:
Eelco Dolstra 2009-08-16 15:46:24 +00:00
parent 2884c9a836
commit 3b931f7861
1 changed files with 18 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

19
modules/security/pam.nix
View file

@ -18,6 +18,18 @@ let
pamConsolePerms = ./console.perms; pamConsolePerms = ./console.perms;
otherService = pkgs.writeText "other.pam"
''
auth required pam_warn.so
auth required pam_deny.so
account required pam_warn.so
account required pam_deny.so
password required pam_warn.so
password required pam_deny.so
session required pam_warn.so
session required pam_deny.so
'';
makePAMService = makePAMService =
{ name { name
, # If set, root doesn't need to authenticate (e.g. for the "chsh" , # If set, root doesn't need to authenticate (e.g. for the "chsh"
@ -111,7 +123,12 @@ in
[ pkgs.pam pam_unix2 ] [ pkgs.pam pam_unix2 ]
++ optional config.users.ldap.enable pam_ldap; ++ optional config.users.ldap.enable pam_ldap;
environment.etc = map makePAMService config.security.pam.services; environment.etc =
map makePAMService config.security.pam.services
++ singleton
{ source = otherService;
target = "pam.d/other";
};
security.pam.services = security.pam.services =
# Most of these should be moved to specific modules. # Most of these should be moved to specific modules.