diff options
author | Peter Simons <simons@cryp.to> | 2015-04-14 13:23:19 +0200 |
---|---|---|
committer | Peter Simons <simons@cryp.to> | 2015-04-14 13:23:19 +0200 |
commit | 6edc3022ef1f22f4a0d69bf1e6fd17d52740b699 (patch) | |
tree | 3f2318edd09eebdfa32fa51b088a5a193af8c83c /nixos/modules | |
parent | 4beadc79dce6caeaf3dbcdc815ff4d021622a855 (diff) | |
parent | 75ab7bf96035c23293fd1db373ea5f512a0ec6fa (diff) | |
download | nixlib-6edc3022ef1f22f4a0d69bf1e6fd17d52740b699.tar nixlib-6edc3022ef1f22f4a0d69bf1e6fd17d52740b699.tar.gz nixlib-6edc3022ef1f22f4a0d69bf1e6fd17d52740b699.tar.bz2 nixlib-6edc3022ef1f22f4a0d69bf1e6fd17d52740b699.tar.lz nixlib-6edc3022ef1f22f4a0d69bf1e6fd17d52740b699.tar.xz nixlib-6edc3022ef1f22f4a0d69bf1e6fd17d52740b699.tar.zst nixlib-6edc3022ef1f22f4a0d69bf1e6fd17d52740b699.zip |
Merge pull request #7345 from joachifm/conditional-shadow-setuids
nixos: condition shadow setuid-wrappers on mutableUsers
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/programs/shadow.nix | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/nixos/modules/programs/shadow.nix b/nixos/modules/programs/shadow.nix index 895ecb122cb6..566398d839fd 100644 --- a/nixos/modules/programs/shadow.nix +++ b/nixos/modules/programs/shadow.nix @@ -100,8 +100,10 @@ in chgpasswd = { rootOK = true; }; }; - security.setuidPrograms = [ "passwd" "chfn" "su" "sg" "newgrp" - "newuidmap" "newgidmap" # new in shadow 4.2.x + security.setuidPrograms = [ "su" "chfn" ] + ++ lib.optionals config.users.mutableUsers + [ "passwd" "sg" "newgrp" + "newuidmap" "newgidmap" # new in shadow 4.2.x ]; }; |