summary refs log tree commit diff
path: root/nixos/modules/security/duosec.nix
diff options
context:
space:
mode:
authorParnell Springmeyer <parnell@awakenetworks.com>2016-07-15 19:10:48 -0500
committerParnell Springmeyer <parnell@awakenetworks.com>2016-09-01 19:17:43 -0500
commit390ab0b3eff809052d5b9d9b5335413b36898481 (patch)
tree15700959b5c568cff51e2e8abafed931bff7e6dd /nixos/modules/security/duosec.nix
parent81b33eb46645b1bd3ab5029c0ca2012a24902bb0 (diff)
downloadnixlib-390ab0b3eff809052d5b9d9b5335413b36898481.tar
nixlib-390ab0b3eff809052d5b9d9b5335413b36898481.tar.gz
nixlib-390ab0b3eff809052d5b9d9b5335413b36898481.tar.bz2
nixlib-390ab0b3eff809052d5b9d9b5335413b36898481.tar.lz
nixlib-390ab0b3eff809052d5b9d9b5335413b36898481.tar.xz
nixlib-390ab0b3eff809052d5b9d9b5335413b36898481.tar.zst
nixlib-390ab0b3eff809052d5b9d9b5335413b36898481.zip
everything?: Updating every package that depended on the old setuidPrograms configuration.
Diffstat (limited to 'nixos/modules/security/duosec.nix')
-rw-r--r--nixos/modules/security/duosec.nix12


1 files changed, 11 insertions, 1 deletions
diff --git a/nixos/modules/security/duosec.nix b/nixos/modules/security/duosec.nix
index 0e3a54325cad..202218c915c9 100644
--- a/nixos/modules/security/duosec.nix
+++ b/nixos/modules/security/duosec.nix
@@ -193,7 +193,17 @@ in
       ];
 
      environment.systemPackages = [ pkgs.duo-unix ];
-     security.setuidPrograms    = [ "login_duo" ];
+
+     security.permissionsWrappers.setuid =
+     [
+       { program = "login_duo";
+         source  = "${pkgs.duo-unix.out}/bin/login_duo";
+         user    = "root";
+         group   = "root";
+         setuid  = true;
+       }
+     ];
+
      environment.etc = loginCfgFile ++ pamCfgFile;
 
      /* If PAM *and* SSH are enabled, then don't do anything special.

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-09 15:33:18 +0000