diff options
author | Lenz Weber <mail@lenzw.de> | 2018-06-02 00:29:33 +0200 |
---|---|---|
committer | Lenz Weber <lenz.weber@mayflower.de> | 2018-06-08 20:57:16 +0200 |
commit | 7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0 (patch) | |
tree | 67ae6c7beb2c0f8b9d7ffccc1a3bf27ddbc5de06 /nixos | |
parent | e126a8c8a5a45fc42822a2d90131c8cae1e4357d (diff) | |
download | nixlib-7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0.tar nixlib-7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0.tar.gz nixlib-7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0.tar.bz2 nixlib-7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0.tar.lz nixlib-7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0.tar.xz nixlib-7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0.tar.zst nixlib-7c34c28cfaacf9cb9fcb7b169cd6a28e4c34d8d0.zip |
nixos/programs.mosh: refactor
Adds programs.mosh.withUtempter (default: true). The option enables -with-utempter for mosh, allowing it to write to /var/run/utmp and thus making connected sessions appear in the output of `who -a`. For that, a guid-wrapper is required. Also, the path to the `utempter` was hardcoded in the resulting binary until now (so it could never been found), thus, libutempter was patched accordingly to point to /run/wrappers/bin/utempter which at least works when the wrapper is configured.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/programs/mosh.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/nixos/modules/programs/mosh.nix b/nixos/modules/programs/mosh.nix index b3aa55e189a3..359fe23e0ecd 100644 --- a/nixos/modules/programs/mosh.nix +++ b/nixos/modules/programs/mosh.nix @@ -16,10 +16,28 @@ in default = false; type = lib.types.bool; }; + withUtempter = mkOption { + description = '' + Whether to enable libutempter for mosh. + This is required so that mosh can write to /var/run/utmp (which can be queried with `who` to display currently connected user sessions). + Note, this will add a guid wrapper for the group utmp! + ''; + default = true; + type = lib.types.bool; + }; }; config = mkIf cfg.enable { environment.systemPackages = with pkgs; [ mosh ]; networking.firewall.allowedUDPPortRanges = [ { from = 60000; to = 61000; } ]; + security.wrappers = mkIf cfg.withUtempter { + utempter = { + source = "${pkgs.libutempter}/lib/utempter/utempter"; + owner = "nobody"; + group = "utmp"; + setuid = false; + setgid = true; + }; + }; }; } |