Log console logins in /var/log/wtmp

author: Eelco Dolstra <eelco.dolstra@logicblox.com> 2013-09-22 18:16:22 +0200
committer: Eelco Dolstra <eelco.dolstra@logicblox.com> 2013-09-22 21:39:05 +0200
commit: 4be5fae2da1eb9aafdc2982e1e210ef3b6122899 (patch)
tree: 7162b27a54ac058401c43f43dababe95be6772f5 /modules
parent: 14f55a2f677e4751c4b1333b5d096a6bc43af40b (diff)
download: nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar
nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.gz
nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.bz2
nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.lz
nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.xz
nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.zst
nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.zip
2 files changed, 5 insertions, 1 deletions
diff --git a/modules/programs/shadow.nix b/modules/programs/shadow.nix
index 39359ac4293b..e4310dae986b 100644
--- a/modules/programs/shadow.nix
+++ b/modules/programs/shadow.nix
@@ -91,7 +91,7 @@ in
         { name = "groupmod"; rootOK = true; }
         { name = "groupmems"; rootOK = true; }
         { name = "groupdel"; rootOK = true; }
-        { name = "login"; startSession = true; allowNullPassword = true; showMotd = true; }
+        { name = "login"; startSession = true; allowNullPassword = true; showMotd = true; updateWtmp = true; }
       ];
 
     security.setuidPrograms = [ "passwd" "chfn" "su" "newgrp" ];
diff --git a/modules/security/pam.nix b/modules/security/pam.nix
index f97e68a171cd..3ef01ea2c179 100644
--- a/modules/security/pam.nix
+++ b/modules/security/pam.nix
@@ -70,6 +70,8 @@ let
       limits ? config.security.pam.loginLimits
     , # Whether to show the message of the day.
       showMotd ? false
+    , # Whether to update /var/log/wtmp.
+      updateWtmp ? false
     }:
 
     { source = pkgs.writeText "${name}.pam"
@@ -114,6 +116,8 @@ let
 
           # Session management.
           session required pam_unix.so
+          ${optionalString updateWtmp
+              "session required ${pkgs.pam}/lib/security/pam_lastlog.so silent"}
           ${optionalString config.users.ldap.enable
               "session optional ${pam_ldap}/lib/security/pam_ldap.so"}
           ${optionalString config.krb5.enable
author	Eelco Dolstra <eelco.dolstra@logicblox.com>	2013-09-22 18:16:22 +0200
committer	Eelco Dolstra <eelco.dolstra@logicblox.com>	2013-09-22 21:39:05 +0200
commit	4be5fae2da1eb9aafdc2982e1e210ef3b6122899 (patch)
tree	7162b27a54ac058401c43f43dababe95be6772f5 /modules
parent	14f55a2f677e4751c4b1333b5d096a6bc43af40b (diff)
download	nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.gz nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.bz2 nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.lz nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.xz nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.tar.zst nixlib-4be5fae2da1eb9aafdc2982e1e210ef3b6122899.zip