summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2019-04-17 20:16:06 +0200
committerlassulus <lassulus@lassul.us>2019-04-17 20:16:37 +0200
commit24d7e2fa03a4533368a8ec90599211366feb1510 (patch)
treed55c83f67ef5e1000ad575e69771144c61b3918e
parent47c4919a066b9ac06b822d9f4111b4e06f9ad17b (diff)
l domsen: run verify_arg as root
-rw-r--r--lass/2configs/websites/domsen.nix2
-rw-r--r--lass/3modules/usershadow.nix4
2 files changed, 5 insertions, 1 deletions
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 5bd5a7ca..2131c7c6 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -119,7 +119,7 @@ in {
authenticators.PLAIN = ''
driver = plaintext
public_name = PLAIN
- server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth2 $auth3}{yes}{no}}
+ server_condition = ''${run{/run/wrappers/bin/shadow_verify_arg ${config.lass.usershadow.pattern} $auth2 $auth3}{yes}{no}}
'';
authenticators.LOGIN = ''
driver = plaintext
diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix
index d967a108..51da2ec9 100644
--- a/lass/3modules/usershadow.nix
+++ b/lass/3modules/usershadow.nix
@@ -45,6 +45,10 @@
source = "${usershadow}/bin/verify_pam";
owner = "root";
};
+ security.wrappers.shadow_verify_arg = {
+ source = "${usershadow}/bin/verify_arg";
+ owner = "root";
+ };
};
usershadow = let {