mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-06-22 01:11:02 +03:00
Merge pull request #173495 from wucke13/pam-fix
This commit is contained in:
Lassulus
GitHub
commit
f95d0b966e
1 changed files with 2 additions and 2 deletions
|
|
@ -521,7 +521,7 @@ let
|
||||||
# Modules in this block require having the password set in PAM_AUTHTOK.
|
# Modules in this block require having the password set in PAM_AUTHTOK.
|
||||||
# pam_unix is marked as 'sufficient' on NixOS which means nothing will run
|
# pam_unix is marked as 'sufficient' on NixOS which means nothing will run
|
||||||
# after it succeeds. Certain modules need to run after pam_unix
|
# after it succeeds. Certain modules need to run after pam_unix
|
||||||
# prompts the user for password so we run it once with 'required' at an
|
# prompts the user for password so we run it once with 'optional' at an
|
||||||
# earlier point and it will run again with 'sufficient' further down.
|
# earlier point and it will run again with 'sufficient' further down.
|
||||||
# We use try_first_pass the second time to avoid prompting password twice
|
# We use try_first_pass the second time to avoid prompting password twice
|
||||||
(optionalString (cfg.unixAuth &&
|
(optionalString (cfg.unixAuth &&
|
||||||
|
|
@ -534,7 +534,7 @@ let
|
||||||
|| cfg.duoSecurity.enable))
|
|| cfg.duoSecurity.enable))
|
||||||
(
|
(
|
||||||
''
|
''
|
||||||
auth required pam_unix.so ${optionalString cfg.allowNullPassword "nullok"} ${optionalString cfg.nodelay "nodelay"} likeauth
|
auth optional pam_unix.so ${optionalString cfg.allowNullPassword "nullok"} ${optionalString cfg.nodelay "nodelay"} likeauth
|
||||||
'' +
|
'' +
|
||||||
optionalString config.security.pam.enableEcryptfs ''
|
optionalString config.security.pam.enableEcryptfs ''
|
||||||
auth optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so unwrap
|
auth optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so unwrap
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue