diff options
author | Jamey Sharp <jamey@minilop.net> | 2018-09-29 23:30:02 -0700 |
---|---|---|
committer | Jamey Sharp <jamey@minilop.net> | 2018-09-30 11:08:12 -0700 |
commit | b63f65aea0dea11c20e9299210af1d2ee4299b58 (patch) | |
tree | 147d0ddcbf8bf7131c922707ec5abf4816878775 /nixos/modules/security/pam.nix | |
parent | 188bdfb95d7218b931f7d605ad0a5e6961dc3a34 (diff) | |
download | nixlib-b63f65aea0dea11c20e9299210af1d2ee4299b58.tar nixlib-b63f65aea0dea11c20e9299210af1d2ee4299b58.tar.gz nixlib-b63f65aea0dea11c20e9299210af1d2ee4299b58.tar.bz2 nixlib-b63f65aea0dea11c20e9299210af1d2ee4299b58.tar.lz nixlib-b63f65aea0dea11c20e9299210af1d2ee4299b58.tar.xz nixlib-b63f65aea0dea11c20e9299210af1d2ee4299b58.tar.zst nixlib-b63f65aea0dea11c20e9299210af1d2ee4299b58.zip |
nixos/pam: create wtmp/lastlog iff using pam_lastlog
I think pam_lastlog is the only thing that writes to these files in practice on a modern Linux system, so in a configuration that doesn't use that module, we don't need to create these files. I used tmpfiles.d instead of activation snippets to create the logs. It's good enough for upstream and other distros; it's probably good enough for us.
Diffstat (limited to 'nixos/modules/security/pam.nix')
-rw-r--r-- | nixos/modules/security/pam.nix | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index bef10b4fe614..926c6d77d3bb 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -548,6 +548,13 @@ in environment.etc = mapAttrsToList (n: v: makePAMService v) config.security.pam.services; + systemd.tmpfiles.rules = optionals + (any (s: s.updateWtmp) (attrValues config.security.pam.services)) + [ + "f /var/log/wtmp" + "f /var/log/lastlog" + ]; + security.pam.services = { other.text = '' |