diff options
author | lassulus <lassulus@lassul.us> | 2019-04-17 20:16:06 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2019-04-17 20:16:37 +0200 |
commit | 24d7e2fa03a4533368a8ec90599211366feb1510 (patch) | |
tree | d55c83f67ef5e1000ad575e69771144c61b3918e /lass | |
parent | 47c4919a066b9ac06b822d9f4111b4e06f9ad17b (diff) |
l domsen: run verify_arg as root
Diffstat (limited to 'lass')
-rw-r--r-- | lass/2configs/websites/domsen.nix | 2 | ||||
-rw-r--r-- | lass/3modules/usershadow.nix | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 5bd5a7cac..2131c7c62 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -119,7 +119,7 @@ in { authenticators.PLAIN = '' driver = plaintext public_name = PLAIN - server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth2 $auth3}{yes}{no}} + server_condition = ''${run{/run/wrappers/bin/shadow_verify_arg ${config.lass.usershadow.pattern} $auth2 $auth3}{yes}{no}} ''; authenticators.LOGIN = '' driver = plaintext diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix index d967a108a..51da2ec93 100644 --- a/lass/3modules/usershadow.nix +++ b/lass/3modules/usershadow.nix @@ -45,6 +45,10 @@ source = "${usershadow}/bin/verify_pam"; owner = "root"; }; + security.wrappers.shadow_verify_arg = { + source = "${usershadow}/bin/verify_arg"; + owner = "root"; + }; }; usershadow = let { |