From d33c92fe21e9690c9cc558a274472617ba034197 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 18:53:18 +0100 Subject: l usershadow: remove legacy pamEnvironment --- lass/3modules/usershadow.nix | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'lass/3modules') diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix index c3d4de84d..1f5b6673f 100644 --- a/lass/3modules/usershadow.nix +++ b/lass/3modules/usershadow.nix @@ -28,15 +28,12 @@ session required pam_permit.so ''; - security.pam.services.dovecot2 = { - text = '' - auth required pam_exec.so expose_authtok /run/wrappers/bin/shadow_verify_pam ${cfg.pattern} - auth required pam_permit.so - account required pam_permit.so - session required pam_permit.so - session required pam_env.so envfile=${config.system.build.pamEnvironment} - ''; - }; + security.pam.services.dovecot2.text = '' + auth required pam_exec.so expose_authtok /run/wrappers/bin/shadow_verify_pam ${cfg.pattern} + auth required pam_permit.so + account required pam_permit.so + session required pam_permit.so + ''; security.wrappers.shadow_verify_pam = { source = "${usershadow}/bin/verify_pam"; -- cgit v1.2.3 From 625d725e1394e0b9f5a4161fffc1b8adf8fe9595 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 19:12:00 +0100 Subject: l usershadow: add groups to security.wrappers --- lass/3modules/usershadow.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/3modules') diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix index 1f5b6673f..b1011ced0 100644 --- a/lass/3modules/usershadow.nix +++ b/lass/3modules/usershadow.nix @@ -38,10 +38,12 @@ security.wrappers.shadow_verify_pam = { source = "${usershadow}/bin/verify_pam"; owner = "root"; + group = "root"; }; security.wrappers.shadow_verify_arg = { source = "${usershadow}/bin/verify_arg"; owner = "root"; + group = "root"; }; }; -- cgit v1.2.3